Technical Guide How To | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Introduction Allied Telesis routers and managed Layer 3 switches use IGMP—Internet Group Management Protocol—to track which multicast groups their clients belong to. This enables them to send the correct multimedia streams to the correct destinations. This How To Note describes basic and advanced IGMP configuration, in the following major sections: C613-16176-00 REV A an overview of IGMP and definitions of some of the IGMP terminology examples and discussion of the most common IGMP functionality—IGMP snooping, IGMP Querier behaviour and selection, and IGMP proxy examples and discussion of the advanced functionality available through the feature-rich IGMP implementation in Alliedware Plus information for debugging information about the STP state of the simple three-switch ring used in most examples information about IGMPv3 alliedtelesis.com x Introduction Contents Introduction .............................................................................................................................................................................1 Related How To Notes ...........................................................................................................................................4 Products and software versions this note applies to..............................................................................4 IGMP overview ....................................................................................................................................................................5 Queriers and Snoopers...........................................................................................................................................5 Messages ..........................................................................................................................................................................6 Choosing group addresses ....................................................................................................................................6 IGMP snooping ......................................................................................................................................................................8 Explanation of IGMP Snooping ...........................................................................................................................9 Configuration Example ......................................................................................................................................... 10 Using the show command output to investigate IGMP state......................................................... 13 Multiple potential IGMP Queriers........................................................................................................................... 16 Example ......................................................................................................................................................................... 17 Explanation of Multiple Potential IGMP Queriers................................................................................. 20 IGMP proxy .......................................................................................................................................................................... 24 Example ......................................................................................................................................................................... 25 Explanation of IGMP Proxy................................................................................................................................ 28 Multiple Proxies......................................................................................................................................................... 32 Query solicitation (rapid recovery from topology changes).................................................................... 34 How Query Solicitation works........................................................................................................................ 34 Why convergence takes so long without Query Solicitation......................................................... 35 Speeding up IGMP convergence in a non-looped topology........................................................... 41 Enabling Query Solicitation on multiple switches in a looped topology.................................. 41 IGMP filtering (controlling multicast distribution) ........................................................................................... 43 Example ......................................................................................................................................................................... 43 IGMP throttling (limiting the number of streams for each subscriber) .............................................. 45 Example ......................................................................................................................................................................... 46 Explanation of IGMP throttling......................................................................................................................... 49 Static IGMP ........................................................................................................................................................................... 50 Example ......................................................................................................................................................................... 51 Explanation of Static IGMP................................................................................................................................. 54 How clients leave groups: queries and timers.................................................................................................. 59 Overview of leave process................................................................................................................................. 59 Querier timer values.............................................................................................................................................. 60 Snooper timer values............................................................................................................................................. 61 Comparing the Querier and Snooper timers ......................................................................................... 62 Consequences for high-loss and high-lag networks............................................................................. 62 Page 2 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Introduction IGMP Fast Leave.................................................................................................................................................................62 Example..........................................................................................................................................................................63 Explanation of IGMP Fast Leave ......................................................................................................................65 Immediate Leave and Fast Leave.....................................................................................................................68 Configurable IGMP timers and counters .............................................................................................................68 Timer and counter relationships......................................................................................................................69 Default values .............................................................................................................................................................70 Last Member Query Count and Last Member Query Interval ....................................................71 Robustness Variable ................................................................................................................................................73 Default Query Interval..........................................................................................................................................75 Max Query Response Interval..........................................................................................................................76 Group Membership Interval ..............................................................................................................................78 Example of bad choices for timer values .............................................................................................................78 Stopping Snoopers from snooping non-IGMP messages...........................................................................80 Example..........................................................................................................................................................................81 Controlling which addresses create All Groups entries.....................................................................85 IGMP debugging .................................................................................................................................................................86 Support for IGMPv3 ........................................................................................................................................................88 Benefits ...........................................................................................................................................................................89 Report suppression.................................................................................................................................................89 Source Address Check..........................................................................................................................................90 Tips for making an IGMP network more efficient ..........................................................................................90 Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 3 Introduction Related How To Notes You also may find the following AlliedWare Plus How To Note useful: How To Configure PIM on AlliedWare Plus Products and software versions this note applies to IGMP is available on all the following Allied Telesis managed Layer 3 switches running AlliedWare Plus™: x210 Series/switches (IGMP snooping only, not IGMP Querier) x510 Series/switches x600 Series switches x610 Series switches x900 Series switches SwitchBlade® x908 switches SwitchBlade® x8100 Series switches For most examples in this How To Note, we used: one x900 switch (AlliedWare Plus) two x600 switches (AlliedWare Plus) one AT-8824 switch (AlliedWare) one PC running VLC media player as the multicast server (see www.videolan.org) client PCs Page 4 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP overview IGMP overview Clients in an IP subnetwork use IGMP to indicate that they are interested in receiving a multicast stream. IGMP then ensures that routers and switches forward multicast packets out the appropriate ports to the interested clients. IGMP is very flexible, as the examples in this How To Note show, but the basic operation is simple. When a client wants to start receiving a multicast—which is also called joining a multicast group—the client sends an IGMP Membership Report message. When a router or switch is running IGMP and receives a Report message, it starts forwarding traffic for the relevant multicast group to the client. IGMP periodically polls clients by sending General Query messages, to check that the clients still belong to their multicast groups. To leave a group, a client sends an IGMP Leave message to indicate that it no longer needs to receive the group traffic. Note that IGMP does not exchange multicast routing information between subnets. The multicast routing protocol PIM does this. Queriers and Snoopers It is neither necessary nor desirable for every router or switch in an IP subnetwork to coordinate multicast traffic flows. Instead, a single router or switch does this and is called the Querier or the Designated Router. The Querier generates Query messages to check group membership, and processes Membership Reports and Leave messages. However, other routers and switches in the network need to know whether to send multicasts out each of their ports. They find out this information by becoming Snoopers. Each Snooper checks IGMP messages before forwarding them to and from the Querier, and uses the information in the messages to determine which ports to send multicasts out of. The key differences between a network’s Querier and its Snoopers are: IGMP terms: Multicast or Multicast stream A flow of information—usually video or audio—that can go from one source to many destination clients. Group A multicast stream that clients can join. Groups have IP addresses in the 224.0.0.0/4 network. Group member A client that belongs to a particular multicast group. IGMP Querier or Designated Router A device in a subnetwork that is the coordinator for all multicast streams and IGMP membership information. Each subnetwork has only one Querier (see "Multiple potential IGMP Queriers" on page 16). The Querier generates Membership Query messages to check which clients are group members, and processes Membership Reports and Leave messages. IGMP Snooper A device that spies on IGMP messages to create flow efficiencies by ensuring that multicast data streams are only sent to interested ports. A Snooper can decide on the best path to send multicast packets at Layer 2 but it cannot alter those packets or generate its own IGMP messages. IGMP Proxy A device that passes membership reports upstream and multicast streams and queries downstream. The proxy acts on behalf of clients and servers by altering packets. The Querier generates Query messages to find out which ports need to transmit each multicast stream. The Snoopers also use Query messages to find this Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 5 IGMP overview out, but they do this by passing on the Querier’s messages—Snoopers cannot create Query messages themselves. The Querier has IGMP enabled as part of its IP configuration. Snoopers do not require any configuration because snooping is enabled by default on Allied Telesis routers and managed Layer 3 switches. Querying is a Layer 3 feature—the Querier looks into the IP headers of packets to determine whether to forward them. IGMP snooping is a Layer 2 feature. It does not require an IP configuration. Messages The following table describes the different IGMP messages in more detail. IGMP message types: Membership Report A client sends this when it wants to receive a multicast group. The Membership Report (sometimes called a join) is essentially a message that declares an interest in listening to a specified group. Leave A client sends this when it wants to leave a group. General Query The Querier sends this to all clients—whether or not the Querier is currently sending multicasts to the client—to find out which groups they are listening to. Responses to General Queries ensure that the Querier’s group membership information stays up to date. The group address field for General Queries is set to 0.0.0.0. They are sent to a destination address of 224.0.0.1, and by default Allied Telesis routers send them every 125 seconds. Specific Query The Querier sends this to a group address, to check whether clients are still listening to that group. The Querier sends a Specific Query after a client sends a Leave message for that group. Specific Queries enable the Querier to confirm when all downstream clients have left a group, so that the Querier can stop sending the multicast stream. Membership Query This is a general term for both Specific and General Queries. Query Solicit Switches send this when STP or EPSR detects a topology change. The Querier responds by sending a General Query immediately instead of waiting until groups time out. This remaps IGMP to the new topology as quickly as possible. Choosing group addresses This section describes things you need to be aware of when choosing addresses for your multicast groups. Reserved IP addresses IP addresses in the range 224.0.0.0-239.255.255.255 are multicast addresses, but many addresses in this range are reserved. Therefore, before choosing a multicast address, you should check its status in the “Internet Multicast Addresses” document at the IANA website at www.iana.org/ assignments/multicast-addresses. Page 6 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP overview IPs using the same MAC Another complication is that multicasting is designed to use each packet’s group IP address to determine a multicast MAC address to send the packet to. However, multicasting does not have a 1:1 mapping of IP address to MAC address—instead each multicast MAC address corresponds to 32 multicast IP addresses. This means that different multicast IP addresses use the same MAC address. The MAC address only uses the last 23 bits of the IP address; it ignores the IP’s first octet and the first bit of the second octet. Note that all IP multicast MAC addresses start with 01-00-5E. You need to avoid using multiple IP addresses that have the same MAC address. In practice, this means that if you use x.0.y.z, then do not use x.128.y.z (or vice versa), where x is anything from 224-239, and y and z are the same in each IP address. For example, if y=6 and z=200 then these IP addresses use the same MAC: 224.0.6.200, 224.128.6.200, 225.0.6.200, 225.128.6.200, and so on. To see this in detail, consider 224.0.6.200. This has a multicast MAC of 01-00-5E-00-06-C8, like this: IP address, decimal: 224. IP address, binary: 11100000 00000000 00000110 11001000 0. MAC address, binary: MAC address, hex: 6. 200 0000000 00000110 11001000 01-00-5E -00 -06 -C8 Therefore, the following multicast IP addresses will all have the same MAC address as 224.0.6.200, because their last 23 bits are all the same: IP address, decimal: IP address, binary: 224.0.6.200 11100000 0 0000000 00000110 11001000 224.128.6.200 11100000 1 0000000 00000110 11001000 225.0.6.200 11100001 0 0000000 00000110 11001000 225.128.6.200 11100001 1 0000000 00000110 11001000 226.0.6.200 11100010 0 0000000 00000110 11001000 226.128.6.200 11100010 1 0000000 00000110 11001000 227.0.6.200 11100011 0 0000000 00000110 11001000 227.128.6.200 11100011 1 0000000 00000110 11001000 ... ... ... 239.0.6.200 11101111 0 0000000 00000110 11001000 239.128.6.200 11101111 1 0000000 00000110 11001000 Different IPs The same MAC Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 7 IGMP snooping Avoid x.0.0.y, x.0.1.y, x.128.0.y, and x.128.1.y It is particularly important to avoid using any address in the ranges x.0.0.y, x.128.0.y, x.0.1.y, or x.128.1.y (where x is 224-239 and y is 1-254). This is because x.0.0.y and x.128.0.y will map to the same multicast MAC address as 224.0.0.y. Similarly, x.0.1.y and x.128.1.y will map to the same multicast MAC address as 224.0.1.y. Most addresses in the ranges 224.0.0.y and 224.0.1.y are reserved for contacting all routers, or for routing protocol messages, so they are always flooded out all ports in the relevant VLAN. Therefore, all addresses in the ranges x.0.0.y, x.128.0.y, x.0.1.y, or x.128.1.y are flooded out every port in the relevant VLAN. Using these addresses can significantly increase multicast traffic in your network. If you are debugging a situation where it seems that certain multicast groups are forwarded when you think they shouldn’t be, check whether the choice of group addresses has violated any of the recommendations above. IGMP snooping In the following example ("Configuration Example" on page 10), we discuss IGMP snooping, the key to efficient multicast traffic flow in a layer 2 network. IGMP snooping is enabled by default on switch ports in Allied Telesis managed Layer 3 switches and routers—it does not require any configuration. In a single-switch network, IGMP snooping makes multicasting happen with no configuration at all. All you need to do is connect your server and clients to the switch. In a multi-switch network, at least one switch must also have an IGMP configuration. This switch is called the IGMP Querier and coordinates the flow of multicast information through the network. The following example describes a multi-switch configuration, so as well as discussing the effect of IGMP snooping, it outlines the actions that the Querier takes. "Multiple potential IGMP Queriers" on page 16 discusses the role of the Querier in greater detail. Page 8 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP snooping Explanation of IGMP Snooping This section steps through the events that occur in a typical use of multicasting in this network: to stream multicast packets for a group. The following figure shows the process by which IGMP tracks multicast clients and ensures that the correct clients receive the stream. What happens before a multicast client exists: Multicast server 1.0.11 1.0.16 pe r1 r2 ier pe oo oo er Blocked by STP Multicast Pontential client Sn Sn Qu 1. Querier starts receiving multicast stream from server. Querier has no interested clients so doesn’t forward multicast. 1.0.3 GQ 1.0.11 1.0.16 Sn r1 ier pe er oo Qu 2. Querier sends General Query (GQ) to find out if any would-be clients exist. Snooper 1 receives Query on port 1.0.16, snoops Query, and creates All Groups entry for port 1.0.16. 1.0.3 Multicast 1.0.11 1.0.16 oo r1 ier pe er GQ Sn Qu 3. Snooper 1 forwards Query out all ports. No clients exist, so no clients reply to Query. GQ 1.0.3 Multicast Client 1.0.11 Sn r1 ier pe er oo Qu 4. Client joins group by sending Membership Report to the group address. 1.0.16 Report 1.0.3 Multicast Report 1.0.16 Sn r1 ier pe er oo Qu 5. Snooper 1 receives Report on port 1.0.3, snoops Report, and adds a group entry for port 1.0.3. Snooper 1 forwards Report out its All Groups port. 1.0.11 1.0.3 Multicast Multicast 6. Querier receives Report on port 1.0.11 and adds a group entry for port 1.0.11. Querier starts forwarding multicast stream out port 1.0.11. 1.0.11 1.0.16 Sn r1 ier pe er oo Qu 1.0.3 Multicast Multicast 1.0.11 1.0.16 Sn r1 ier pe er oo Qu 7. Snooper 1 receives multicast stream and forwards it out port 1.0.3. Multicast 1.0.3 Multicast GQ 1.0.11 1.0.16 Sn r1 ier pe er oo Qu 8. Querier continues to send General Queries periodically. These keep All Groups entries alive on Snoopers. Multicast Multicast 1.0.3 Multicast Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 9 IGMP snooping Configuration Example This example has a three-switch loop, as shown in the following figure. Switch-1 (x900) is running IGMP and the other two switches (x600) are running IGMP snooping. In AlliedWare Plus, both IGMP snooping and RSTP are enabled by default. On the x900 and x600s, the only configuration needed is to set the client-facing ports as spanning tree edge ports. Multicast Server port1.0.1 00 x9 port1.0.11 Switch-1: Querier port1.0.12 Switch-2: Snooper port1.0.11 Switch-3: Snooper port1.0.12 port1.0.11 00 x6 00 x6 port1.0.12 (blocked by STP) port1.0.1 Clie nt 1 port1.0.1 Clie nt 2 1. Configure Switch-1 (x900) Switch-1 is configured with IGMP, which makes it the IGMP Querier in this network. It is best practice to make the Querier the closest switch to the multicast source, and in this example Switch-1 is closest. For more information about Queriers see "Multiple potential IGMP Queriers" on page 16. In this example, we add an IP interface to vlan100 and enable IP IGMP on this interface so that Switch-1 becomes the IGMP Querier in this network. Page 10 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP snooping The default version of IGMP in AlliedWare Plus is IGMPv3. In this example we change it to IGMPv2 to match the version the clients are using. ! hostname Switch-1 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport ! interface vlan100 ip address 192.168.100.254/24 ip igmp ip igmp version 2 AlliedWare Plus provides two ways of making this switch the Querier: as above, or by entering the following commands: awplus# conf t awplus(config)# int vlan100 awplus(config-if)# ip igmp snooping querier These commands enable IGMP Querier operation on a VLAN when no multicast routing protocol is configured in the VLAN. When enabled, the IGMP Snooping Querier sends out periodic IGMP queries for all interfaces on that VLAN. This command applies to interfaces configured for IGMP Snooping. This Snooping Querier function is a useful way to provide a Querier in an Layer 2 network that does not contain a multicast router. We do not recommend enabling the IGMP Snooping Querier feature on a Layer 2 switch when there is a router acting as an operational IGMP Querier in the network. In terms of IGMP querying activity, there is no real difference between the Querier and Snooping Querier, they both send queries on the specified interface. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 11 IGMP snooping 2. Configure Switch-2 (x600) Switch-2 is an IGMP Snooper. It forwards multicast packets and IGMP messages as required. IGMP snooping is enabled by default and does not need any configuration. ! hostname Switch-2 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport 3. Configure Switch-3 (x600) Switch-3 is also an IGMP Snooper. It forwards multicast packets and IGMP messages as required. IGMP snooping is enabled by default and does not need any configuration. ! hostname Switch-3 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport Page 12 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP snooping Using the show command output to investigate IGMP state No group members At first we have no hosts requesting any multicast. The multicast server is streaming group 224.12.13.14 to the Querier, Switch-1. Switch-1 knows about the group, but has nobody interested in receiving it. You can see this by using the command show ip igmp snooping statistics interface vlan100 on Switch-1. The output of this command shows that Switch-1 has an entry for the group, but no associated ports. Switch-1#sh ip igmp snooping statistics int vlan100 IGMP Snooping statistics for vlan100 Group Type: UnReg MC Group Interface: vlan100 Group: 224.12.13.14 Uptime: 00:00:10 Group mode: Include (Expires: 00:04:10) Last reporter: 192.168.100.100 No ports are mentioned in the output. Also, you can see that the Group Type is described as "unReg MC Group". This means that it is an entry for an unregistered group. That is a group for which data packets are arriving, but no IGMP reports have been received. Client joins the group When a client joins the group, the Group List changes for the Snooper that the client is attached to, and on the Querier. First, look at the output of the command show igmp snooping statistics interface vlan100 on the Snooper. Switch-2#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 00:29:24 Group mode: Include () Last reporter: 192.168.100.254 Port member list: port1.0.11 - 169 secs Interface: vlan100 Group: 224.12.13.14 Flags: Uptime: 00:00:30 Group mode: Exclude (Expires: 00:03:50) Last reporter: 192.168.100.10 Source list is empty Port member list: port1.0.1 - 230 secs Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 13 IGMP snooping This output now shows two entries, one for each of the following: Group 224.12.13.14 and port 1.0.1. This shows that the client is attached to the Snooper through port 1.0.1 and is listening to group 224.12.13.14. The Snooper created this entry at stage 5 in the process ("Explanation of IGMP Snooping" on page 9). This entry means that the Snooper forwards packets from 224.12.13.14 out port 1.0.1. Group Type: Router port learnt on port 1.0.11. This shows that the Snooper is connected to the Querier through port 1.0.11. The Snooper created this entry at stage 2 in the process. This entry means that the Snooper forwards IGMP reports and Leave messages out port 1.0.11. The Router Port entry means that the Snooper forwards the report from the client out port 1.0.11 to the Querier, Switch-1. Let us take the opportunity here to examine the information that appears in the output of the show ip igmp snooping statistics interface command. Group Type—This item only appears in entries that are Router Port or Unregistered group entries. For standard entries created for IGMP reports, this item does not appear. Interface—The interface which the IGMP reports were received on. In the case of a Router Port entry, the VLAN towards the router. For unregistered groups it is the VLAN the stream is arriving on. Group—The multicast group address Uptime—How long the entry has been in existence Group mode—This parameter can either be Include or Exclude. The terms "Include" and "Exclude" come from IGMPv3 terminology. IGMPv3 has the concept of including sources or excluding sources that the group can be received from. If a group entry is created by IGMPv2 reports, then the entry will be labelled as "Exclude", because IGMPv2 reports are treated as being “Exclude no source” reports. A Router Port entry is labelled as "Include" as this entry effectively includes no sources. Last reporter—The IP address of the last member to send an IGMP report for this group. In the case of a router port, it is the address of the router or Querier that the router-indicating packets are coming from. In the case of an unregistered group, it is the source address of the stream. The Querier receives the Report on port 1.0.11. Next, look at the output of the command show ip igmp groups on the Querier. Switch-1# sh ip igmp int vlan100 Interface vlan100 (Index 400) IGMP Enabled, Active, Querier, Configured for version 2 Internet address is 192.168.100.254 Page 14 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP snooping Switch-1# sh ip igmp groups IGMP Connected Group Membership Group Address Interface 224.12.13.14 vlan100 Uptime Expires 00:08:17 00:03:31 Last Reporter 0.0.0.0 The output above shows an entry for group 224.12.13.14. This entry shows that the Querier knows about a client for 224.12.13.14. The Querier created this entry at stage 6 in the process. The fact that the "Last Reporter" in this entry is 0.0.0.0 indicates that the report that created this entry was not received from a directly connected host (the report was received via Switch-2). Because the report was forwarded by a snooper that has no IP address, the report arrived with IP source address 0.0.0.0. Finally, look at the output of the command show ip igmp snooping statistics interface vlan100 on the Querier. Even though Switch-1 is the Querier for this network instead of a Snooper, this command shows that a client for group 224.12.13.14 is reached out port 1.0.11. So a Querier does also perform snooping, to work out the exact egress port(s) for each group. Switch-1# sh ip igmp snooping statistics int vlan100 IGMP Snooping statistics for vlan100 Interface: vlan100 Group: 224.12.13.14 Uptime: 00:12:11 Group mode: Exclude (Expires: 00:03:43) Last reporter: 0.0.0.0 Source list is empty Port member list: port1.0.11 - 224 secs When a client leaves a group When a client wants to stop receiving a group’s multicast stream, it sends an IGMP leave message with a destination address of the group. The Snooper forwards the Leave message out its All Groups port, so the message arrives at the IGMP Querier. At this point, the IGMP Querier sends a series of Specific Queries (two by default) to see if anybody else is still listening to this group. If the Snooper receives a response to the Specific Queries, it forwards the response to the Querier and continues to forward the multicast stream to the ports that want to receive it. If the Snooper does not receive a response to the Specific Queries, it stops forwarding the stream. For a detailed description of how the leave process works, see "How clients leave groups: queries and timers" on page 59. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 15 Multiple potential IGMP Queriers Multiple potential IGMP Queriers To find out more about IGMP, we next investigate what happens when more than one router has an IGMP configuration. RFC 2236, Internet Group Management Protocol, Version 2, states that each Layer 2 network should have only one IGMP Querier. You may configure IGMP on more than one router, perhaps for redundancy, but the routers have a pseudo-election and the device with the lower IP becomes the operating IGMP Querier. This is a ‘pseudo-election; in reality, it is a query suppression, in that all queriers except that with the lowest IP address just stop sending out queries when they realise that the network contains a querier with a lower IP address than themselves. Each querier will send out regular queries. When a querier receives a query message with a lower IP address then it will stop sending its own queries for the duration of the Other Querier interval. As long as the other querier keeps regularly sending queries, the higher IP address querier will not send queries. A snooping querier (with source address of 0.0.0.0) should consider all real IP addresses to be ‘lower’ and stop sending queries when it receives queries from a non-snooping querier. The following example describes a network with two potential Queriers. Page 16 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Multiple potential IGMP Queriers Example The network for this example uses the same loop as for "IGMP snooping" on page 8 and is shown in the following figure. Multicast Server port1.0.1 00 x9 port1.0.11 Switch-1: Potential Querier port1.0.12 Switch-2: Elected Querier port1.0.11 Switch-3: Snooper port1.0.12 port1.0.11 00 x6 00 x6 port1.0.12 (blocked by STP) port1.0.1 Clie nt 1 port1.0.1 Clie nt 2 Both Switch-1 and Switch-2 are configured with IGMP, making both of them potential Queriers. Switch-3, by default configuration, is an IGMP Snooper. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 17 Multiple potential IGMP Queriers 1. Configure Switch-1 Switch-1 is a potential IGMP Querier. It acts as a Snooper if it is not elected as the Querier ! hostname Switch-1 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport ! interface vlan100 ip address 192.168.100.254/24 ip igmp ip igmp version 2 Page 18 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Multiple potential IGMP Queriers 2. Configure Switch-2 Switch-2 is also a potential IGMP Querier. It acts as a Snooper if not elected as the Querier. ! hostname Switch-2 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport ! interface vlan100 ip address 192.168.100.253/24 ip igmp ip igmp version 2 3. Configure Switch-3 Switch-3 is an IGMP Snooper. It forwards multicast packets and IGMP messages as required. IGMP snooping and Rapid Spanning Tree Protocol are enabled by default, so it does not need any specific IGMP or RSTP configuration. (The configuration is the same as the configuration used in the first example). ! hostname Switch-3 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 19 Multiple potential IGMP Queriers Explanation of Multiple Potential IGMP Queriers When there are no group members Switch-1 and Switch-2 are both possible Queriers, and an election determines which switch becomes the actual Querier. We can see the results of the election by using the command show ip igmp on each switch. When there are two or more possible Queriers on the same network, the election process is based on the lowest IP address. So in this example Switch-2, which has the IP address of 192.168.100.253, will be the Designated Querier as it has the lowest IP address. On Switch-1, we see that it reports itself as the non-querier, and shows that the Querier is 192.168.100.253, which is Switch-2. Switch-1# sh ip igmp int vlan100 Interface vlan100 (Index 400) IGMP Enabled, Active, Non-Querier, Configured for version 2 Internet address is 192.168.100.254 IGMP interface has 3 group-record states IGMP activity: 93 joins, 0 leaves IGMP querying router is 192.168.100.253 IGMP robustness variable is 2 IGMP last member query count is 2 IGMP query interval is 125 seconds IGMP Startup query interval is 31 seconds IGMP Startup query count is 2 IGMP query holdtime is 500 milliseconds IGMP querier timeout is 255 seconds IGMP max query response time is 10 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 260 seconds IGMP Last member query count is 2 Strict IGMPv3 ToS checking is disabled on this interface Source Address checking is enabled IGMP Snooping is globally enabled IGMP Snooping query solicitation is globally enabled for Root/Master Nodes IGMP Snooping query solicitation is globally disabled for Non Root/ Master Nodes Num. query-solicit packets: 0 sent, 0 recvd IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled Now we look at Switch-2, which has the lower IP address configured, resulting in it being the Designated Querier based on the IGMP Querier election process. Page 20 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Multiple potential IGMP Queriers Switch-2#sh ip igmp int vlan100 Interface vlan100 (Index 400) IGMP Enabled, Active, Querier, Configured for version 2 Internet address is 192.168.100.253 IGMP interface has 3 group-record states IGMP activity: 18 joins, 1 leaves IGMP robustness variable is 2 IGMP last member query count is 2 IGMP query interval is 125 seconds IGMP Startup query interval is 31 seconds IGMP Startup query count is 2 IGMP query holdtime is 500 milliseconds IGMP querier timeout is 255 seconds IGMP max query response time is 10 seconds Group Membership interval is 260 seconds IGMP Last member query count is 2 Last member query response interval is 1000 milliseconds Strict IGMPv3 ToS checking is disabled on this interface Source Address checking is enabled IGMP Snooping is globally enabled IGMP Snooping query solicitation is globally enabled for Root/Master Nodes IGMP Snooping query solicitation is globally disabled for Non Root/ Master Nodes Num. query-solicit packets: 0 sent, 0 recvd IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled The highlighted text shows that this switch has become the Designated Querier for vlan100. The Source now sends a stream onto the LAN. With no clients requesting the stream, we look at the IGMP Snooping statistics on Switch-1. We can see that the router port has been learnt from the IGMP Querier (Switch-2). There are no ports associated with the multicast group 224.12.13.14 as no users have requested this group. Again, this appears with Group Type of “UnReg MC Group” Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 21 Multiple potential IGMP Queriers Switch-1#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 00:24:44 Group mode: Include () Last reporter: 192.168.100.253 Port member list: port1.0.11 - 168 secs Group Type: Interface: Group: Uptime: Group mode: Last reporter: UnReg MC Group vlan100 224.12.13.14 00:00:13 Include (Expires: 00:04:07) 192.168.100.100 From Switch-2, the IGMP Querier, we can see from the output that it is receiving this group, but there are no interfaces associated with this, as no clients have requested that stream. So it appears as an UnReg MC Group. Switch-2#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Interface: vlan100 Group Type: UnReg MC Group Interface: vlan100 Group: 224.12.13.14 Uptime: 00:03:58 Group mode: Include (Expires: 00:00:21) Last reporter: 192.168.100.100 The reason that the stream arrives at Switch-2 is because Switch-1 will forward all multicast out its Router Port. When a client joins a group Now imagine that Client 2 sends a Membership Report to Switch-3 for the group 224.12.13.14. If we check the group membership for Switch-2 by using the command show ip igmp snooping statistics interface vlan100, we see a group entry for 224.12.13.14. It has changed from being an UnReg MC group entry to a normal forwarding entry. We can see that this membership report from the client (192.168.100.20/24), which is attached to port1.0.1 on Switch-3, has been received on port1.0.11 on Switch-2. In this case, we see that the "Last reporter" in the entry on Switch-2 is 192.168.100.254. This is because the report was forwarded to Switch-2 via Switch-1. Given that Switch-1 has the IP address 192.168.100.254 on vlan100, it put that IP address as the source address of the IGMP report when it forwarded it. Page 22 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Multiple potential IGMP Queriers Switch-2#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Interface: vlan100 Group: 224.12.13.14 Flags: Uptime: 00:01:49 Group mode: Exclude (Expires: 00:03:08) Last reporter: 192.168.100.254 Source list is empty Port member list: port1.0.11 - 189 secs On Switch-3, we can see that reports have been received from a client (192.168.100.20) which is attached to port 1.0.1: Switch-3#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 00:13:02 Group mode: Include () Last reporter: 192.168.100.253 Port member list: port1.0.12 - 204 secs Interface: vlan100 Group: 224.12.13.14 Flags: Uptime: 00:03:19 Group mode: Exclude (Expires: 00:03:24) Last reporter: 192.168.100.20 Source list is empty Port member list: port1.0.1 - 204 secs If we check the group membership for Switch-1 and Switch-3, we see there are entries for 224.12.13.14, but also see a Router Port entry on each switch. The Router Port entry points to the Querier, Switch-2. The output for Switch-1, for example, shows port 1.0.11 as the Router port, indicating that Switch-1 reaches the Querier via port 1.0.11. Switch-1 has received the Membership report on port1.0.12 (this is the connection to Switch3). Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 23 IGMP proxy Switch-1#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 00:41:56 Group mode: Include () Last reporter: 192.168.100.253 Port member list: port1.0.11 - 136 secs Interface: vlan100 Group: 224.12.13.14 Uptime: 00:06:51 Group mode: Exclude (Expires: 00:02:18) Last reporter: 0.0.0.0 Source list is empty Port member list: port1.0.12 - 139 secs We see port1.0.12 on Switch-1 port member list because interface port1.0.11 on Switch-3 is in a RSTP Discarding state (this is the connection to Switch-2.) The traffic is going to be received on interface port1.0.12 on Switch-1. IGMP proxy In very simple tree-design networks, IGMP Proxy is a useful simple alternative to a multicast routing protocol for multicasting between VLANs. An IGMP Proxy sends IGMP Membership Report and Leave group messages to an upstream subnetwork on behalf of downstream devices, and sends Queries downstream. In other words, an IGMP Proxy effectively ferries IGMP messages from one VLAN to another. The IGMP Proxy looks like an IGMP Querier to the downstream VLAN, and like a client to the upstream VLAN. Note that the Proxy can only have one configured upstream VLAN. The IGMP packets forward at line speed, and the switch creates hardware entries as it receives the IGMP requests and multicast data. This means that they are not sent to the CPU for processing. Page 24 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP proxy Example IGMP Proxy only works in tree networks, so for this example we convert the network from a loop into a tree by disabling port 1.0.11 on Switch-1 (x900 switch). Switch-3 is the IGMP Proxy. Switch-1 is upstream of the Proxy. Switch-2 is downstream of the Proxy on vlan100. Therefore, the multicast server and Client 1 are now in different VLANs and Switch-3 sits on the boundary between the two VLANs. This network is shown in the following figure. 00 x9 port1.0.1 vlan200 Multicast Server Switch-1: Querier port1.0.12 upsteam vlan200 port1.0.12 port1.0.1 port1.0.11 downsteam vlan100 00 x6 00 x6 Switch-2: Snooper port1.0.12 Switch-3: Proxy Clie nt 1 1. Configure Switch-1. Switch-1, the closest switch to the multicast source, is an IGMP Querier. On Switch-1, we have shut down port1.0.11, which is the connection to Switch-2. Switch-1(config)# int port1.0.11 Switch-1(config-if)# shutdown The VLAN has also been changed from vlan100 to vlan200 and we have configured a static route to the vlan100 subnet. So now the configuration for Switch-1 looks as follows: Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 25 IGMP proxy ! hostname Switch-1 ! vlan database vlan 200 name vlan200 ! interface port1.0.1-1.0.10 switchport access vlan 200 ! interface port1.0.11 shutdown switchport access vlan 200 ! interface port1.0.12-1.0.24 switchport access vlan 200 ! interface vlan200 ip address 192.168.200.253/24 ip igmp ip igmp version 2 ! ip route 192.168.100.0/24 192.168.200.254 2. Configure Switch-2. Switch-2 is an IGMP Snooper. IGMP snooping is enabled by default and does not need any configuration. We have added an IP route to the source's subnet 192.168.200.0/24. ! hostname Switch-2 ! vlan database vlan 100 name vlan100 vlan 100 state enable ! interface port1.0.1-1.0.24 switchport access vlan 100 ! interface vlan100 ip address 192.168.100.252/24 ! ip route 192.168.200.0/24 192.168.100.253 Page 26 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP proxy 3. Configure Switch-3. Switch-3 is an IGMP Proxy. hostname Switch-3 ! ip multicast-routing ! vlan database vlan 100 name vlan100 vlan 200 name vlan200 ! interface port1.0.1-1.0.23 switchport access vlan 100 ! interface port1.0.24 switchport access vlan 200 ! ! interface vlan100 ip address 192.168.100.254/24 ip igmp ip igmp mroute-proxy vlan200 ip igmp version 2 ! interface vlan200 ip address 192.168.200.254/24 ip igmp ip igmp proxy-service ip igmp version 2 Switch-3 has had the most configuration changes in this setup. The upstream interface is vlan200, as this interface is closest to the multicast source, connected to Switch-1. The downstream interface is vlan100, which has the clients requesting the stream 224.12.13.14. Since we are now routing the multicast group 224.12.13.14 from vlan200 to vlan100, we have enabled IP multicast-routing on Switch-3: Switch-3(config)# ip multicast-routing Let us now look in a bit more detail at the meaning of the IGMP Proxy commands. (Explanations below.) Switch-3(config)# int vlan200 Switch-3(config-if)# ip igmp proxy-service On vlan200, we have enabled the IGMP proxy service. What this means is that all associated downstream IGMP mroute proxy interfaces will have their IGMP packets forwarded directly to this interface. The proxy will then transmit these packets towards the server attached to this interface. Switch-3(config)# int vlan100 Switch-3(config-if)# ip igmp mroute-proxy vlan200 Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 27 IGMP proxy This downstream mroute proxy interface listens for IGMP Report and Leave messages, and forwards them to the upstream IGMP proxy service interface. Note: IGMP proxy does not work with other multicast routing protocols, such as PIM-SM or PIM-DM. Explanation of IGMP Proxy When there are no group members The multicast server streams group 224.12.13.14 to Switch-1 through port 1.0.1. IGMP snooping detects the stream, as you can see by using the command show ip igmp snooping statistics interface vlan200 on Switch-1. Switch-1#sh ip igmp snooping statistics interface vlan200 IGMP Snooping statistics for vlan200 Group Type: UnReg MC Group Interface: vlan200 Group: 224.12.13.14 Uptime: 00:00:02 Group mode: Include (Expires: 00:04:17) Last reporter: 192.168.200.100 When a client joins a group Client 1 (attached to Switch-2, the Snooper) sends an IGMP Membership Report for the group 224.12.13.14. Switch-2 forwards that report message out its Router port, in this case port 1.0.12. Switch-2#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 00:00:59 Group mode: Include () Last reporter: 192.168.100.253 Port member list: port1.0.12 - 201 secs Interface: vlan100 Group: 224.12.13.14 Flags: Uptime: 00:00:54 Group mode: Exclude (Expires: 00:03:26) Last reporter: 192.168.100.10 Source list is empty Port member list: port1.0.1 - 206 secs Page 28 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP proxy Switch-3—the Proxy—receives the report on its downstream interface, vlan100. Switch-3 then creates a new report with itself as the sender. It sends this report upstream to Switch-1 through vlan200. Output of the commands show ip igmp groups and show ip igmp snooping interface vlan100 show that Switch-3 knows of a client interested in the group 224.12.13.14 through port 1.0.11 on vlan100. Switch-3#sh ip igmp groups IGMP Connected Group Membership Group Address Interface 224.12.13.14 vlan100 224.12.13.14 vlan200 Uptime Expires Last Reporter 00:58:48 00:02:20 192.168.100.252 00:58:48 00:04:14 192.168.100.252 The group 224.12.13.14 has been registered on both VLANs. Switch-3#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Interface: vlan100 Group: 224.12.13.14 Flags: Uptime: 00:02:40 Group mode: Exclude (Expires: 00:04:09) Last reporter: 192.168.100.252 Source list is empty Port member list: port1.0.11 - 0 secs The downstream client is reached through port1.0.11 via Switch-2. The Last Reporter address is 192.168.100.252, which is the IP address of Switch-2, because Switch-2 applied its IP address to the IGMP reports when it forwarded them. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 29 IGMP proxy Switch-3#sh ip igmp snooping statistics interface vlan200 IGMP Snooping statistics for vlan200 Group Type: Router Port Learnt Interface: vlan200 Group: 224.0.0.2 Uptime: 00:01:01 Group mode: Include () Last reporter: 192.168.200.253 Port member list: port1.0.12 - 199 secs Interface: vlan200 Group: 224.12.13.14 Flags: Uptime: 00:03:02 Group mode: Exclude (Expires: 00:01:28) Last reporter: 192.168.100.252 Source list is empty Port member list: On vlan200, the IGMP packets are transmitted out port 1.0.12. Switch-3#sh ip igmp proxy group IGMP Connected Proxy Group Membership Group Address Interface Member state 224.12.13.14 vlan200 Delay We can see that the group has been received on vlan200 on the IGMP proxy switch. 'Delay' means that none of the group or source group query timers run for the specified group. The output above does not indicate whether the proxy works or not, it just tells us which groups are registered in the system. Switch-3#sh ip igmp int vlan100 Interface vlan100 (Index 400) IGMP Enabled, Active, Querier, Configured for version 2 IGMP mroute-proxy interface is vlan200 Internet address is 192.168.100.253 The output above shows that Switch-3 is the active Querier on vlan100 and also that vlan200 is the mroute-proxy interface. The output below shows that vlan200 has the proxy configured and, importantly, that this interface is not the active Querier. Page 30 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP proxy Switch-3#sh ip igmp int vlan200 Interface vlan200 (Index 500) IGMP Enabled, Active, Non-Querier, Configured for version 2 proxyservice IGMP host version 2 Internet address is 192.168.200.253 IGMP interface has 28 group-record states IGMP activity: 0 joins, 0 leaves IGMP querying router is 192.168.200.254 Switch-1 receives the proxied report from Switch-3. Switch-1 notes that Switch-3 is interested in the group 224.12.13.14 and sends the group multicast to Switch-3 on port 1.0.12. Output of the command show ip igmp snooping statistics interface vlan200 shows the membership that Switch-1 is aware of. Switch-1#sh ip igmp snooping statistics interface vlan200 IGMP Snooping statistics for vlan200 Interface: vlan200 Group: 224.12.13.14 Uptime: 00:22:31 Group mode: Exclude (Expires: 00:02:48) Last reporter: 192.168.200.254 Source list is empty Port member list: port1.0.12 - 168 secs When a client leaves a group When the client on Switch-2 wants to stop receiving the group’s multicast stream, it sends an IGMP Leave message. The switches use the above process to transfer the message to Switch-1. Note the following points about how IGMP Proxy deals with Leave messages: The Proxy sends an IGMP Leave Group message via its upstream interface only when the last interface on the Proxy leaves the group. The Proxy does not respond to IGMP Join or Leave Group messages received via its upstream interface, but only to those received via downstream interfaces. The Proxy does respond to IGMP query messages received via its upstream interface. When the Proxy—Switch-3 in this example—sends a Leave Group message upstream, the upstream IGMP Querier—Switch-1—sends a membership query. Switch-3 takes that query and proxies it to the downstream interface, vlan100, with its own IP address as the source (192.168.100.253). This means any other interested clients on Switch-2 can declare their interest in continuing to receive the multicast stream. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 31 IGMP proxy Multiple Proxies A significant feature of AlliedWare Plus is that it can support multiple IGMP proxies on the same switch. Example configuration of multiple IGMP proxies vlan database vlan 40 name vlan40 vlan 50 name vlan50 vlan 60 name vlan60 vlan 100 name vlan100 vlan 200 name vlan200 ! interface port1.0.1-1.0.2 switchport switchport mode access switchport access vlan 100 ! interface port1.0.3-1.0.4 switchport switchport mode access switchport access vlan 40 ! interface port1.0.5-1.0.6 switchport switchport mode access switchport access vlan 50 ! interface port1.0.7-1.0.8 switchport switchport mode access switchport access vlan 60 Page 32 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP proxy Example configuration of multiple IGMP proxies (cont.) ! interface port1.0.24 switchport access vlan 200 ! interface vlan40 ip address 192.168.40.254/24 ip igmp ip igmp mroute-proxy vlan50 ip igmp version 2 ! interface vlan50 ip address 192.168.50.254/24 ip igmp ip igmp proxy-service ip igmp version 2 ! interface vlan60 ip address 192.168.60.254/24 ip igmp ip igmp mroute-proxy vlan50 ip igmp version 2 ! interface vlan100 ip address 192.168.100.254/24 ip igmp ip igmp mroute-proxy vlan200 ip igmp version 2 ! interface vlan200 ip address 192.168.200.254/24 ip igmp ip igmp proxy-service ip igmp version 2 The configuration above has the following interfaces setup as the Proxy Service: vlan200 vlan50 and the following interfaces as the host side (mroute proxy): vlan40 vlan60 vlan100 Interfaces vlan40 and vlan60 are proxying to vlan50. Quite separately from these, interface vlan100 is proxying to vlan200. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 33 Query solicitation (rapid recovery from topology changes) Query solicitation (rapid recovery from topology changes) Query Solicitation minimizes loss of multicast data after a topology change. It is a built-in feature of AlliedWare Plus managed Layer 3 switches when running EPSR or spanning tree (STP, RSTP, or MSTP) for loop protection. Without Query Solicitation, when the underlying link layer topology changes, multicast data flow can stop for up to several minutes, depending on which port goes down and how much of the timeout period was left (see "Why convergence takes so long without Query Solicitation" on page 35). Query Solicitation greatly reduces this disruption. Query Solicitation operates without configuration in networks of Allied Telesis managed layer 3 switches running STP, RSTP, MSTP or EPSR. You may find it helpful to manually enable it in the following other situations: loop-free networks running IGMP (see "Speeding up IGMP convergence in a non-looped topology" on page 41) networks in which not all switches support Query Solicitation (see "Enabling Query Solicitation on multiple switches in a looped topology" on page 41) How Query Solicitation works Query Solicitation monitors STP, RSTP, MSTP and EPSR messages for topology changes. When it detects a change, it generates a special IGMP Leave message called a Query Solicit. The switch floods the Query Solicit message to all ports in every VLAN that Query Solicitation is enabled on. When the Querier receives the Query Solicit message, it sends out a General Query and waits for clients to respond with Membership Reports. These Reports update the snooping information throughout the network. Query Solicit messages have a group address of 0.0.0.0. Query Solicitation works by default (without you enabling it) on all VLANs on the root bridge in an STP instance and on all data VLANs on the master node in an EPSR instance. By default, the root bridge or master node always sends a Query Solicit message when any of the following events occur: an STP BPDU packet with the Topology Change (TC) flag arrives at the root bridge an STP port on a switch goes from a Discarding to Forwarding state the FDB gets flushed by EPSR If necessary, you can make clients respond more quickly to the General Query by tuning the IGMP timers, especially the "Max Query Response Interval" on page 76. Page 34 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Query solicitation (rapid recovery from topology changes) The following figure shows how Query Solicitation works when a port goes down. Multicast h4 h3 itc itc Sw Sw 2 h itc oot Sw P r ST 1 h itc ier Sw uer Q Initial state: Port on Switch 3 is blocking. Multicasts flow from server to client via Switches 1 and 4 Multicast Multicast h3 itc Sw 2 h itc oot Sw P r ST 1. Link to Switch 4 goes down. Switch 3 stops blocking and sends topology change (TC) TC 2 h itc oot Sw P r ST 2. Switch 2 receives TC and sends Query Solicit (QS) QS QS GQ GQ GQ GQ Report Report Report 1 h itc ier Sw uer Q 3. Switch 1 receives QS and sends General Query (GQ) QS 4. Host receives GQ and responds with Membership Report Report Sw Multicast h4 h3 itc itc Multicast Sw Multicast 2 h itc oot Sw P r ST 1 h itc ier Sw uer Q Final state: Multicasts flow from server to client via Switches 1, 2, 3, and 4 Multicast Multicast Why convergence takes so long without Query Solicitation This section illustrates IGMP convergence in a simple network that does not need STP because it has no switch loops. In this case we have disabled STP on all switches. Query Solicitation is disabled by default in networks like this, because no switch is an STP root bridge or an EPSR master node. In this network, it takes up to 125 seconds for multicasting to recover after a port comes back up. This section explains the reason for the slow convergence. "Speeding up IGMP convergence in a non-looped topology" on page 41 explains the solution. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 35 Query solicitation (rapid recovery from topology changes) Example The following figure shows the network for the example in this section. Multicast Server Clie nt 1 port1.0.9 port1.0.24 Switch-1: Querier port1.0.1 00 x6 00 x9 port1.0.1 Switch-2: Snooper The example considers what happens when a port comes up. When the port was down, the client stopped receiving multicasts because there was no backup route available. The example shows how the network recovers. The multicast group is 224.12.13.14. 1. Configure Switch-1. Switch-1 is configured with IGMP, which makes it the IGMP Querier in this network. ! hostname Switch-1 ! no spanning-tree rstp enable ! interface vlan1 ip address 192.168.1.1/24 ip igmp Page 36 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Query solicitation (rapid recovery from topology changes) 2. Configure Switch-2. Switch-2 is an IGMP Snooper. It forwards multicast packets and IGMP messages as required. IGMP snooping is enabled by default and does not need any configuration. ! hostname Switch-2 ! !no spanning-tree rstp enable ! interface vlan1 ip address 192.168.1.2/24 Explanation from the perspective of Switch-2, the Snooper When link is up When the link is connected (all ports are up), the Snooper has entries for two ports: port 1.0.9, which is the Snooper's connection to the client. The Snooper sends the multicast stream out this port, as well as sending Queries (the Snooper floods Queries out all its ports) port 1.0.1, which is the Snooper's connection to the Querier. This is a Router Port entry, so the Snooper forwards Reports out this port. The output of the command show ip igmp snooping statistics interface vlan1 shows both entries. Switch-2#sh ip igmp snooping statistics interface vlan1 IGMP Snooping statistics for vlan1 Group Type: Router Port Learnt Interface: vlan1 Group: 224.0.0.2 Uptime: 00:03:18 Group mode: Include () Last reporter: 192.168.1.1 Port member list: port1.0.1 - 218 secs Interface: vlan1 Group: 224.12.13.14 Flags: Uptime: 00:01:49 Group mode: Exclude (Expires: 00:03:41) Last reporter: 192.168.1.10 Source list is empty Port member list: port1.0.9 - 221 secs Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 37 Query solicitation (rapid recovery from topology changes) When link goes down When we disconnect port 1.0.1 on the Snooper, the Router Port disappears, and the entry for 224.12.13.14 is still present until it times out. Switch-2#sh ip igmp snooping statistics interface vlan1 IGMP Snooping statistics for vlan1 Interface: vlan1 Group: 224.12.13.14 Flags: Uptime: 00:02:56 Group mode: Exclude (Expires: 00:02:33) Last reporter: 192.168.1.10 Source list is empty Port member list: port1.0.9 - 154 secs Once the link is reconnected, we see that the Router Port has not been learnt. Switch-2#sh ip igmp snooping statistics interface vlan1 IGMP Snooping statistics for vlan1 Interface: vlan1 Group: 224.12.13.14 Flags: Uptime: 00:05:01 Group mode: Exclude (Expires: 00:00:28) Last reporter: 192.168.1.10 Source list is empty Port member list: port1.0.9 - 29 secs Eventually, the Querier sends an IGMP Query, which the Snooper receives on port 1.0.1. This restores the All Groups port on the Snooper. By default the Querier sends General Queries every 125 seconds, so the IGMP convergence delay will be up to 125 seconds with the default settings. For more information about this timeout, see "Configurable IGMP timers and counters" on page 68—but do not change the timeout without very carefully considering the effect on your network. When the Snooper receives the General Query, it forwards it out all its ports. The client responds with a Report. The Snooper forwards the Report out its All Groups port towards the Querier. The Querier responds by sending the multicast stream to the Snooper, which forwards the multicast stream out port 1.0.9 to the client. Page 38 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Query solicitation (rapid recovery from topology changes) Switch-2#sh ip igmp snooping statistics interface vlan1 IGMP Snooping statistics for vlan1 Group Type: Router Port Learnt Interface: vlan1 Group: 224.0.0.2 Uptime: 00:01:15 Group mode: Include () Last reporter: 192.168.1.1 Port member list: port1.0.1 - 216 secs Interface: vlan1 Group: 224.12.13.14 Flags: Uptime: 00:06:32 Group mode: Exclude (Expires: 00:03:36) Last reporter: 192.168.1.10 Source list is empty Port member list: port1.0.9 - 217 secs Explanation from the perspective of Switch-1, the Querier When link is up When the link is connected (all ports are up), the Querier has an entry for port 1.0.1, so it sends the group 224.12.13.14 out port 1.0.1. The output of the command show ip igmp snooping statistics interface vlan1 shows this entry. Switch-1#show ip igmp snooping statistics interface vlan1 IGMP Snooping statistics for vlan1 Interface: vlan1 Group: 224.12.13.14 Uptime: 16:49:17 Group mode: Exclude (Expires: 00:03:18) Last reporter: 192.168.1.2 Source list is empty Port member list: port1.0.1 - 198 secs When link goes down When we disconnect port 1.0.1 on the Snooper, the port disappears. The Querier is still receiving the multicast stream from the server, so the group entry remains. We can see that the group 224.12.13.14 is now an "UnReg MC Group". Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 39 Query solicitation (rapid recovery from topology changes) Switch-1#sh ip igmp snooping statistics interface vlan1 IGMP Snooping statistics for vlan1 Group Type: UnReg MC Group Interface: vlan1 Group: 224.12.13.14 Uptime: 00:00:05 Group mode: Include (Expires: 00:04:15) Last reporter: 192.168.1.5 When link comes up again When we reconnect port 1.0.1 on the Snooper, the port does not reappear because the Querier has not yet received a Report over it. Therefore, the Querier does not start forwarding the multicast stream out the port at this time. Eventually, the Querier sends an IGMP Query out all its ports. In response, it receives a Report from the client (via the Snooper). This restores the port entry and the Querier starts sending the multicast stream again. The output of the commands show ip igmp snooping statistics interface vlan1 and show ip igmp groups both show this restored entry. Switch-1#sh ip igmp snooping statistics interface vlan1 IGMP Snooping statistics for vlan1 Interface: vlan1 Group: 224.12.13.14 Uptime: 00:00:12 Group mode: Exclude (Expires: 00:04:08) Last reporter: 192.168.1.2 Source list is empty Port member list: port1.0.1 - 248 secs Switch-1#sh ip igmp groups IGMP Connected Group Membership Group Address Interface 224.12.13.14 vlan1 Uptime Expires Last Reporter 00:00:21 00:03:59 192.168.1.2 Page 40 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Query solicitation (rapid recovery from topology changes) Speeding up IGMP convergence in a non-looped topology The previous section described how it can take up to 125 seconds for multicasting to recover in a non-looped topology after a port comes back up. You can speed up convergence simply by enabling RSTP. This enables the network to use Query Solicitation and means that multicasting resumes within 3 seconds of the link coming up. Even though there is no loop in the network, one of the switches becomes the STP root bridge—it does not matter which switch does this. When the link comes up, the root bridge detects the topology change and sends a Query Solicitation. We disabled RSTP in the previous example. Even though RSTP is enabled by default in AlliedWare Plus, we have to re-enable it for this example: Switch-1# conf t Switch-1(config)# spanning-tree rstp enable Enabling Query Solicitation on multiple switches in a looped topology On networks that use spanning tree or EPSR, Query Solicitation is not normally required on switches other than the STP root bridge or EPSR master node. Therefore, it is only enabled by default on the root bridge and the master node. However, in some networks you may need to turn on Query Solicitation on all switches—for example, if the network includes other switches that do not support Query Solicitation and therefore the STP root bridge may be a switch that does not send Query Solicit messages. To enable Query Solicitation, use the commands: awplus# configure terminal awplus(config)# ip igmp snooping tcn query solicit Every switch that has Query Solicitation enabled sends a Query Solicit message when it detects a topology change. Enabling it on multiple switches means you get multiple messages, but has no other disadvantage. The following figure shows the packet flow for a four-switch network with Query Solicitation enabled on all the switches. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 41 Query solicitation (rapid recovery from topology changes) Multicast itc h3 Multicast Multicast h4 h3 itc itc Sw Sw QS from 3 QS from 3 GQ from 1 GQ from 1 GQ from 1 TC from 3 TC from 3 GQ from 1 h4 h3 itc itc Sw Sw 2 h itc oot Sw P r ST 1 h itc ier Sw uer Q 2. Switch 2 receives TC from switch 3. Switch 2 sends QS. to switch 1. Switch 1 sends GQ 2 h itc oot Sw P r ST 1 h itc ier Sw uer Q 1. Link to switch 4 goes down. Switch 3 stops blocking and sends Topology Change (TC) and Query Solicit (QS). Switch 2 forwards QS to switch 1. Switch 1 sends General Query (GQ) QS from 2 GQ from 1 GQ from 1 GQ from 1 h4 h3 itc itc Sw Sw QS from 4 QS from 4 GQ from 1 GQ from 1 GQ from 1 GQ from 1 h4 h3 itc itc Sw Sw 2 h itc oot Sw P r ST Report Report Report Report Report Report Report Report Report Report Report Report Sw Multicast h4 h3 itc itc Multicast Sw 2 h itc oot Sw P r ST 1 h itc ier Sw uer Q Multicast GQ from 1 QS from 4 1 h itc ier Sw uer Q 4. Client replies to each GQ by sending Membership Reports 2 h itc oot Sw P r ST 1 h itc ier Sw uer Q 3. Switch 4 receives TC from switch 3. Switch 4 sends QS. towards switch 1. Switch 1 sends GQ Final state: Multicasts flow from server to client via Switches 1, 2, 3, and 4 Sw 2 h itc oot Sw P r ST 1 h itc ier Sw uer Q Initial state: Port on switch 3 is blocking. Multicasts flow from server to client via switches 1 and 4 Multicast Multicast One topology change caused three Query Solicits, three General Queries, and three Reports. Page 42 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP filtering (controlling multicast distribution) IGMP filtering (controlling multicast distribution) IGMP filtering lets you control the distribution of multicast services on each switch port. Filtering is useful for subscription services when clients must be explicitly authorised to view a multicast stream. Example This example shows how to stop a host joining the group 224.0.1.22 and allow it to join all other groups. It uses the same network configuration as "IGMP snooping" on page 8. For convenience, the diagram is reproduced below. Multicast Server port1.0.1 00 x9 port1.0.11 Switch-1: Querier port1.0.12 Switch-2: Snooper port1.0.11 Switch-3: Snooper port1.0.12 port1.0.11 00 x6 00 x6 port1.0.12 (blocked by STP) port1.0.1 port1.0.1 Clie nt 2 Clie nt 1 The network contains a Windows 2000 workstation that regularly sends SVRLOC messages (an IGMP Membership Report for 224.0.1.22). This group gets added to the list of groups in vlan100 on Switch-1, as shown in the following output of the show ip igmp command. Switch-1>show ip igmp groups IGMP Connected Group Membership Group Address Interface 224.0.1.22 vlan100 Uptime Expires Last Reporter 00:03:27 00:03:04 0.0.0.0 We do not need to receive this multicast, so we will filter it out. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 43 IGMP filtering (controlling multicast distribution) 1. Configure Switch-1 Switch-1, the closest switch to the multicast source, is an IGMP Querier. AlliedWare Plus uses access lists to accomplish the desired effect. Add an Access Control List (ACL) to a VLAN interface configured for IGMP, IGMP Snooping or IGMP Proxy: Switch-1(config)# ip igmp access-group The access control list is used to control and filter the multicast groups learnt on the VLAN interface. To configure an ACL to block 224.0.1.22 and to attach the ACL to vlan100, use these commands: Switch-1#conf t Switch-1(config)#access-list 1 deny 224.0.1.22 0.0.0.0 Switch-1(config)#int vlan100 Switch-1(config-if)#ip igmp access-group 1 Switch-1#show access-list 1 Standard IP access list 1 10 deny 224.0.1.22 Switch-1 configuration: ! hostname Switch-1 ! access-list 1 deny 224.0.1.22 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport ! interface vlan100 ip address 192.168.100.254/24 ip igmp ip igmp access-group 1 ip igmp version 2 Page 44 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP throttling (limiting the number of streams for each subscriber) Switch-2 and Switch-3's configuration do not change from the first example ("Configuration Example" on page 10). We look at the command show ip igmp snooping statistics interface vlan100, and since applying the filter, the stream 224.0.1.22 is no longer in the output: Switch-1#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 IGMP throttling (limiting the number of streams for each subscriber) IGMP throttling allows you to limit the number of streams that subscribers may access at a given time, for example, to protect from bandwidth oversubscription. When the number of multicast group memberships associated with a switch port reaches the configured limit, the port can either deny further Membership Reports, or replace an existing membership with the new group. IGMP filtering and throttling can be applied separately or together. The switch applies the filters first, then subjects any multicast group memberships passed by the filter to the limits imposed by throttling. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 45 IGMP throttling (limiting the number of streams for each subscriber) Example This example builds on "IGMP filtering (controlling multicast distribution)" on page 43 and uses the same network configuration as "IGMP snooping" on page 8. For convenience, the diagram is reproduced below. Multicast Server port1.0.1 00 x9 port1.0.11 Switch-1: Querier port1.0.12 Switch-2: Snooper port1.0.11 Switch-3: Snooper port1.0.12 port1.0.11 00 x6 00 x6 port1.0.12 (blocked by STP) port1.0.1 Clie nt 1 Page 46 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ port1.0.1 Clie nt 2 IGMP throttling (limiting the number of streams for each subscriber) 1. Configure Switch-1 Switch-1 is an IGMP Querier. It has the same filter configured as in the previous example, to deny the multicast group 224.0.1.22. ! hostname Switch-1 ! access-list 1 deny 224.0.1.22 ! spanning-tree mode rstp ! vlan database vlan 100 state enable ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport ! interface vlan100 ip address 192.168.100.254/24 ip igmp ip igmp access-group 1 ip igmp version 2 Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 47 IGMP throttling (limiting the number of streams for each subscriber) 2. Configure Switch-2 Switch-2 is an IGMP Snooper. IGMP snooping is enabled by default and does not need any configuration. Switch-2 is limited to three multicast groups on vlan100. We have also added the filter that was configured on Switch-1 to deny the multicast group 224.0.1.22. ! hostname Switch-2 ! access-list 1 deny 224.1.0.22 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport ! interface vlan100 ip igmp access-group 1 ip igmp limit 3 Page 48 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP throttling (limiting the number of streams for each subscriber) 3. Configure Switch-3 Switch-3 is also an IGMP Snooper. ! hostname Switch-3 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport Explanation of IGMP throttling In this example, Switch-2's configuration limits vlan100 to three concurrent multicast groups. Consider Switch-2 after a client on port 1.0.1 has tried to join the three groups from 224.12.13.14 - 224.12.13.16. Output from the command show ip igmp snooping statistics interface vlan100 shows the two memberships. Output from the show ip igmp snooping statistics interface vlan100 command Switch-2#show ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 02:12:43 Group mode: Include () Last reporter: 192.168.100.254 Port member list: port1.0.11 - 172 secs Interface: Group: Flags: Uptime: Group mode: ... vlan100 224.12.13.14 00:51:03 Exclude (Expires: 00:02:54) Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 49 Static IGMP Output from the show ip igmp snooping statistics interface vlan100 command (cont.) ... Last reporter: 192.168.100.10 Source list is empty Port member list: port1.0.1 - 175 secs Interface: vlan100 Group: 224.12.13.15 Flags: Uptime: 00:16:00 Group mode: Exclude (Expires: 00:02:56) Last reporter: 192.168.100.10 Source list is empty Port member list: port1.0.1 - 177 secs Group Type: Interface: Group: Uptime: Group mode: Last reporter: UnReg MC Group vlan100 239.255.255.253 00:05:14 Include (Expires: 00:01:26) 192.168.1.100 The switch has three entries in the IP IGMP snooping table, and even though the client attached to Switch-2 was trying to access the streams 224.12.13.14, 224.12.13.15 and 224.12.13.16, it has only joined streams 224.12.13.14 and 224.12.13.15, as Switch-2 has also got an entry for the 239.255.255.253 group (SLP multicast address). The limit of three has been reached, so 224.12.13.16 is not present in the table and the client cannot receive this group. Static IGMP Static IGMP enables you to configure a switch with specified group-to-interface or group-to-port mappings, which you may want to do if: your network includes hosts that cannot send IGMP Membership Reports you need to guarantee that a specific multicast stream is instantly available on a port, without any delay from the joining process A common usage of Static IGMP is for protocols like Service Location Protocol (SLP). This protocol sends out multicast packets that need to be forwarded to designated ports. You may want SLP packets to be forwarded to ports that have servers who need to respond to these packets. Static IGMP allows you to specify that traffic for this group should go to hosts who will respond to, or are interested in, these messages. Page 50 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Static IGMP Example In this example, we will start by setting an IGMP static entry for the group 224.12.13.14 to go to port 1.0.5 on Switch-1 (part of vlan100). On that port, we have attached a host that has no multicast client software running. After examining the effect of static IGMP on Switch-1, we will add a static IGMP entry to Switch-3 and consider the effect this has on multicasting through the network. The network for this example has three switches in a loop and is shown in the following figure. Sta Clietic nt port1.0.5 00 x9 port1.0.1 Multicast Server port1.0.11 port1.0.11 Switch-1: Querier port1.0.12 Switch-3: port1.0.12 00 x6 00 x6 port1.0.12 port1.0.11 (blocked by STP) port1.0.5 Switch-2: Snooper Sta Clietic nt (added later in example) 1. Configure Switch-1. Switch-1 is an IGMP Querier and has the static IGMP entry. Static IGMP also requires you to: add an IP address to the interface to which you will attach the static entry enable IGMP enable the interface as an IGMP interface Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 51 Static IGMP The commands for adding a static entry to the switch are: Switch-1# conf t Switch-1(config)# int vlan100 Switch-1(config-if)# ip igmp static-group 224.12.13.14 int port1.0.5 Configuration of Switch-1 ! hostname Switch-1 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport ! interface vlan100 ip address 192.168.100.254/24 ip igmp ip igmp static-group 224.12.13.14 interface port1.0.5 ip igmp version 2 Page 52 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Static IGMP 2. Configure Switch-2. Switch-2 is an IGMP Snooper. ! hostname Switch-2 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport 3. Configure Switch-3. Switch-3 is also an IGMP Snooper. ! hostname Switch-3 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.25-1.0.26 switchport switchport mode access ! Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 53 Static IGMP Explanation of Static IGMP When the IGMP static entry is created on Switch-1, entries immediately appear in the IGMP snooping table and the IGMP table. Switch-1#show ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Interface: vlan100 Group: 224.12.13.14 Uptime: 00:18:08 Group mode: Exclude (Static) Last reporter: 0.0.0.0 Source list is empty Port member list: port1.0.5 - 0 secs Switch-1#sh ip igmp groups IGMP Connected Group Membership Group Address Interface 224.12.13.14 vlan100 Uptime 00:19:01 Expires stopped Last Reporter 0.0.0.0 The reason that it states ‘stopped’ in the ‘Expires’ column is that it is a static entry, so this entry will never time out. If there are no clients that have sent an IGMP Membership Report for the static group then the 'Expires' entry shows 'stopped'. If the switch sees any IGMP Membership Reports for the static group from clients, then the 'Expires' entry shows 'static'. When the group 224.12.13.14 starts streaming into Switch-1, we can use the command show interface port1.0.5 to watch the number of multicast packets sent on port1.0.5 increase. This means that the link is up and the static IGMP entry is working. Switch-1#show int port1.0.5 Interface port1.0.5 Scope: both Link is UP, administrative state is UP Thrash-limiting Status Not Detected, Action learn-disable, Timeout 1(s) Hardware is Ethernet, address is 0000.cd29.98ab index 5005 metric 1 mru 1522 current duplex full, current speed 100, current polarity auto configured duplex auto, configured speed auto, configured polarity auto <UP,BROADCAST,RUNNING,MULTICAST> SNMP link-status traps: Disabled input packets 541, bytes 47972, dropped 0, multicast packets 147 output packets 2919, bytes 1031906, multicast packets 2259 broadcast packets 314 Time since last state change: 0 days 00:51:56 Page 54 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Static IGMP Switch-1#show int port1.0.5 Interface port1.0.5 Scope: both Link is UP, administrative state is UP Thrash-limiting Status Not Detected, Action learn-disable, Timeout 1(s) Hardware is Ethernet, address is 0000.cd29.98ab index 5005 metric 1 mru 1522 current duplex full, current speed 100, current polarity auto configured duplex auto, configured speed auto, configured polarity auto <UP,BROADCAST,RUNNING,MULTICAST> SNMP link-status traps: Disabled input packets 543, bytes 48284, dropped 0, multicast packets 149 output packets 3518, bytes 1842552, multicast packets 2858 broadcast packets 314 Time since last state change: 0 days 00:52:03 When we add a static entry on another switch Now we add a static IGMP entry on port1.0.5 of Switch-3, by adding the configuration below. ! interface vlan100 ip address 192.168.100.253/24 ip igmp ip igmp static-group 224.12.13.14 interface port1.0.5 ip igmp version 2 Both switches are potential IGMP Queriers and Switch-3 becomes the Querier. This is because we gave Switch-3 a lower IP address (192.168.100.253) than Switch-1 (192.168.100.254). Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 55 Static IGMP To see the effect that the new configuration has on Switch-1, we can check the IGMP snooping and IGMP tables. The IGMP snooping table shows that Switch-1 now has an All Groups entry because it is no longer the Querier. The IGMP table also shows that Switch-1 is not the Querier. Switch-1#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 00:46:58 Group mode: Include () Last reporter: 192.168.100.253 Port member list: port1.0.12 - 228 secs Interface: vlan100 Group: 224.12.13.14 Uptime: 00:57:06 Group mode: Exclude (Static) Last reporter: 0.0.0.0 Source list is empty Port member list: port1.0.5 - 0 secs Switch-1#sh ip igmp groups IGMP Connected Group Membership Group Address Interface 224.12.13.14 vlan100 Uptime 00:57:56 Expires stopped Last Reporter 0.0.0.0 We can see the static entry on Switch-3 by checking the IGMP snooping and IGMP tables. Switch-3#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Interface: vlan100 Group: 224.12.13.14 Flags: SG Uptime: 00:50:04 Group mode: Exclude (Expires: 00:02:42, Static) Last reporter: 192.168.100.254 Source list is empty Port member list: port1.0.5 - 0 secs Page 56 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Static IGMP Switch-3#sh ip igmp groups IGMP Connected Group Membership Group Address Interface 224.12.13.14 vlan100 Uptime Expires Last Reporter 00:52:16 static 192.168.100.254 The server connected to port1.0.1 on Switch-1 is transmitting group 224.12.13.14, so we can see from the first output that Switch-3 has received the group 224.12.13.14 on port 1.0.12 and the static entry is on port 1.0.5. If the multicast server was attached to Switch-3 instead of Switch-1, we would have to change Switch-3's configuration. We would need to add a static entry for the port that Switch-3 uses to connect to Switch-1 (port 1.0.12). Although this is unnecessary in this scenario, we will do it to demonstrate the effect, by using the following command: awplus(config-if)# ip igmp static-group 224.12.13.14 interface port1.0.12 To see the new static entry, we use the commands show ip igmp snooping statistics interface vlan100 and show ip igmp group; to see multicast packets streaming, we use the command show int port1.0.5 and show int port1.0.12 to view the counters. Switch-3#sh ip igmp groups IGMP Connected Group Membership Group Address Interface 224.12.13.14 vlan100 Uptime Expires Last Reporter 01:12:18 static 192.168.100.254 Switch-3#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Interface: vlan100 Group: 224.12.13.14 Flags: SG Uptime: 01:12:41 Group mode: Exclude (Expires: 00:03:23, Static) Last reporter: 192.168.100.254 Source list is empty Port member list: port1.0.5 - 0 secs port1.0.12 - 0 secs Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 57 Static IGMP Switch-3#sh int port1.0.5 Interface port1.0.5 Scope: both Link is UP, administrative state is UP Thrash-limiting Status Not Detected, Action learn-disable, Timeout 1(s) Hardware is Ethernet, address is 0015.77c2.4d55 index 5005 metric 1 mru 1500 current duplex full, current speed 100, current polarity mdix configured duplex auto, configured speed auto, configured polarity auto <UP,BROADCAST,RUNNING,MULTICAST> SNMP link-status traps: Disabled input packets 19, bytes 1885, dropped 0, multicast packets 8 output packets 523, bytes 37273, multicast packets 417 broadcast packets 106 Time since last state change: 0 days 00:13:29 Switch-3#sh int port1.0.12 Interface port1.0.12 Scope: both Link is UP, administrative state is UP Thrash-limiting Status Not Detected, Action learn-disable, Timeout 1(s) Hardware is Ethernet, address is 0015.77c2.4d55 index 5012 metric 1 mru 1500 current duplex full, current speed 1000, current polarity mdi configured duplex auto, configured speed auto, configured polarity auto <UP,BROADCAST,RUNNING,MULTICAST> SNMP link-status traps: Disabled input packets 58783, bytes 10599594, dropped 0, multicast packets 50137 output packets 1725, bytes 197790, multicast packets 713 broadcast packets 1 012 Time since last state change: 1 days 00:05:40 We can see that the counters have incremented on both ports. Page 58 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ How clients leave groups: queries and timers When a static entry's port goes down Finally, note that when the port attached to a static entry goes down, the static entry remains. You can see from the output of the command show ip igmp snooping statistics interface vlan100 that port 5 has been disconnected. Switch-1#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 01:35:25 Group mode: Include () Last reporter: 192.168.100.253 Port member list: port1.0.12 - 227 secs Interface: vlan100 Group: 224.12.13.14 Uptime: 01:45:33 Group mode: Exclude (Static) Last reporter: 0.0.0.0 Source list is empty Port member list: port1.0.5 - 0 secs How clients leave groups: queries and timers When a client leaves a group, the Snoopers and the Querier check which ports now have clients that belong to that group. They will stop forwarding the group’s traffic out any ports that are now unnecessary. In this section, we describe the process in detail. Overview of leave process The basic process when a client leaves a group is as follows: 1. The client sends a Leave message to indicate that it no longer needs to receive that multicast group. 2. The Snooper receives the Leave message and forwards it towards the Querier. 3. For all ports that belong to the group, the Querier changes its internal group membership timer to a short value (2 seconds by default—see Querier timer values below). 4. The Querier sends a Specific Query to ask which other clients still belong to that group. 5. The aforementioned Snooper receives the Specific Query. For all ports that belong to the group, the Snooper changes its internal group membership timer to a short value (2 seconds by default—see Snooper timer values below) unless the timer is already short. It forwards the Query out all its ports. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 59 How clients leave groups: queries and timers 6. The Querier waits for the Last Member Query Interval time, 1 second by default, and then sends a second Specific Query. 7. The aforementioned Snooper snoops this second Specific Query and uses it to set the internal group membership timer for each port, unless the timer is already short (which it will be if the Snooper received the first Query). It forwards the Query out all its ports. 8. If the Snooper or Querier receives a Membership Report on a port, it sets the port timer to the Group Membership Interval value and continues to forward the multicast stream out that port. Otherwise, the timers for that port expire and the Snooper and/or Querier stops forwarding the multicast stream out that port. Querier timer values As described in Step 3 above, when the Querier sends a Specific Query for a group in response to a Leave message, the Querier updates a timer for ports that forward that group. The timer is the following two values multiplied together: Last Member Query Count (LMQC)—the number of Specific Queries the Querier sends, 2 by default, and Last Member Query Interval (LMQI)—the time between the Specific Queries, 1 second by default The default LMQC and LMQI give a timeout of 2 seconds. Therefore, by default the Querier must see the client response within 2 seconds of sending the first Specific Query. Because of this process, sensible values for LMQC and LMQI are essential. In most networks, the defaults are appropriate and you should not change them. If you need to change them, see "Last Member Query Count and Last Member Query Interval" on page 71. The command show ip igmp displays the timer for the most recently updated port as the group’s Refresh Time. Page 60 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ How clients leave groups: queries and timers Snooper timer values As described in Step 5 above, when the Snooper receives a Specific Query from the Querier, it may update a timer for ports that forward that group. The following flow chart describes the decision-making process for updating the timer. Start: Switch receives Query for which it has a group entry. Has the switch previously seen a Leave message? NO YES For this port, is the group entry dynamic (not static)? NO Do not alter port-specific group membership timer. Flood Query out all ports. YES Is the port’s current timer ≥ LMQI from Querier LMQC from Snooper? NO YES Set port-specific group membership timer to: LMQI from Querier LMQC from Snooper. Note that: The command show ip igmp snooping statistics interface displays the timer for the most recently updated port as the time displayed in the entry: Group mode: Exclude (Expires: <time>). To calculate the timer, the Snooper takes the LMQI value that it receives from the Querier and multiplies it by the Snooper’s own LMQC. The Snooper only reduces the timer if it receives a Leave message followed by a Specific Query—one of the messages is not enough. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 61 IGMP Fast Leave Comparing the Querier and Snooper timers By default, the Querier and Snooper port-specific group timers have the same value (2 seconds). This is because the LMQC is the same for the Querier and the Snoopers. Consequences for high-loss and high-lag networks If packet loss or lag time is an issue in your network, we recommend increasing the Robustness Variable on the Snoopers and the Querier. On Allied Telesis Snoopers and Queriers, LMQC = Robustness Variable. For Snoopers, not all vendors make these counters the same. RFC 2236 requires that LMQC and Robustness Variable have the same value on Queriers, but the IGMP timer rules for IGMP Snoopers are less well-defined. Increasing the Querier LMQC (or Robustness Variable) increases the number of Specific Queries that the Querier sends. This increases the probability that an interested client will receive a Query. Increasing the Snooper LMQC (or Robustness Variable) increases the length of time that the Snooper waits before aging out the port. This gives the client more time to reply to the Queries. For example, if you increase the LMQC to 5 (the maximum) on the Querier and the Snooper, then the Querier sends 5 Queries and the Snooper waits for 5 * LMQI, which is 5 seconds with the default LMQI. Make sure that the values on the Querier and the Snoopers match, so that the Snooper has time to forward all the Queries. For example, if you changed the Querier’s Robustness Variable to 5 but left the Snooper unchanged, the Querier would send out 5 Queries 1 second apart but the Snooper would age out the group entry after only the first 2 Queries. For more information about setting the Robustness Variable, and the consequences of this, see "Robustness Variable" on page 73. IGMP Fast Leave IGMP Fast Leave enhances your control over router bandwidth. Enabling Fast Leave tells IGMP snooping to stop the transmission of a group multicast stream to a port as soon as it receives a Leave message on that port. No timeouts are observed. Ordinarily, when IGMP snooping sees a Leave message, it waits for a Membership Query message before setting the entry timeout to 2 seconds. Fast Leave tells IGMP to drop the entry from the port as soon as the Leave message is seen. For this reason, Fast Leave should only be configured on interfaces that have one client per port. Page 62 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP Fast Leave This example shows how to enable fast-leave processing on a VLAN. awplus# configure terminal awplus(config)# interface vlan1 awplus(config-if)# ip igmp snooping fast-leave Example This example uses the same network configuration as the IGMP Snooping "Configuration Example" on page 10. For convenience, the diagram is reproduced below. Multicast Server port1.0.1 00 x9 port1.0.11 Switch-1: Querier port1.0.12 Switch-2: Snooper port1.0.11 Switch-3: Snooper port1.0.12 port1.0.11 00 x6 00 x6 port1.0.12 (blocked by STP) port1.0.1 Clie nt 1 port1.0.1 Clie nt 2 Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 63 IGMP Fast Leave 1. Configure Switch-1. Switch-1 is an IGMP Querier. ! hostname Switch-1 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport ! interface vlan100 ip address 192.168.100.254/24 ip igmp ip igmp version 2 2. Configure Switch-2. Switch-2 is an IGMP Snooper. IGMP snooping is enabled by default and does not need any configuration. ! hostname Switch-2 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport Page 64 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP Fast Leave 3. Configure Switch-3. Switch-3 is also an IGMP Snooper. Fast leave is enabled on this switch. ! hostname Switch-3 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport ! interface vlan100 ip igmp snooping fast-leave Explanation of IGMP Fast Leave Imagine that Client-2 on Switch-3 sends a Membership Report to join the group 224.12.13.14. The Snooper, Switch-3, adds this to its IGMP snooping table. When the same client then sends a Leave message, the IGMP Querier responds with a Membership Query and waits for a configured time for a response. The following sections describe in detail the differences between having Fast Leave disabled and enabled, but in summary: Without Fast Leave, the IGMP Snooper waits the same length of time as the Querier, then expires the entry if there was no response. With Fast Leave, the IGMP Snooper expires the entry as soon as it sees the Leave message from the client. By the time the Querier sends the Membership Query, the Snooper will have already expired the entry and therefore stopped sending the stream to the client. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 65 IGMP Fast Leave When Fast Leave is disabled The IGMP Snooper sees the Membership Query from the Querier and accordingly sets its expiry time in seconds to match the Querier. Switch-3# sh ip igmp int vlan100 Interface vlan100 (Index 400) IGMP Disabled, Active(Snoop Only), Non-Querier, Version 3 (default) IGMP interface has 2 group-record states IGMP activity: 68 joins, 0 leaves IGMP querying router is 192.168.100.254 IGMP robustness variable is 2 IGMP last member query count is 2 IGMP query interval is 125 seconds IGMP Startup query interval is 31 seconds IGMP Startup query count is 2 IGMP query holdtime is 500 milliseconds IGMP querier timeout is 255 seconds IGMP max query response time is 10 seconds Group Membership interval is 260 seconds IGMP Last member query count is 2 Last member query response interval is 1000 milliseconds Strict IGMPv3 ToS checking is disabled on this interface Source Address checking is enabled IGMP Snooping is globally enabled IGMP Snooping query solicitation is globally enabled for Root/Master Nodes IGMP Snooping query solicitation is globally disabled for Non Root/ Master Nodes Num. query-solicit packets: 0 sent, 0 recvd IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled If no Membership Report is received by the time the counters go to zero, then the client's entry is dropped from both the IGMP Querier and Snooper. When you enable fast leave on Switch-3 When Fast Leave is enabled on Switch-3, but not on Switch-1, an interesting chain of events occurs when the client sends a Leave message, as shown in the following diagram. The result of this is that Switch-3 adds the group back into its snooping table (with the same timeout as the IGMP Querier) but has no ports interested in receiving the group. Because Fast Leave is enabled on vlan100, that port was removed from the group as soon as Switch-3 received the Leave message. Page 66 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP Fast Leave Switch-3#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 02:24:16 Group mode: Include () Last reporter: 192.168.100.254 Port member list: port1.0.12 - 135 secs Interface: vlan100 Group: 224.12.13.14 Flags: Uptime: 00:12:23 Group mode: Exclude (Expires: 00:02:19) Last reporter: 192.168.100.20 Source list is empty Port member list: port1.0.1 - 140 secs We can see the entry for 224.12.13.14 with port 1.0.1 associated with this entry. Now we send a Leave message from the client attached to port 1.0.1, and with Fast Leave enabled on vlan100 the switch now removes the port association while keeping the entry in the table as an unregistered group. Switch-3#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 02:24:30 Group mode: Include () Last reporter: 192.168.100.254 Port member list: port1.0.12 - 258 secs Group Type: Interface: Group: Uptime: Group mode: Last reporter: UnReg MC Group vlan100 224.12.13.14 00:00:03 Include (Expires: 00:04:16) 192.168.1.100 Adding Fast Leave to Switch-1 would not be sensible, since there may be clients attached to other ports on Switch-3. If you enabled Fast Leave on Switch-1, one Leave message from Switch-3 would drop the multicast stream for everyone on that switch. It is safe to ignore the group entry on Switch-3. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 67 Configurable IGMP timers and counters Immediate Leave and Fast Leave Both Layer 2 IGMP Immediate Leave and Layer 3 IGMP Snooping Fast Leave are enabled on a per interface basis. The following example shows how to enable the Immediate Leave feature on the VLAN interface vlan2 for a specific range of multicast groups. Configure IGMP Immediate Leave: awplus# configure terminal awplus(config)# access-list 34 permit 225.192.20.0 0.0.0.25 awplus(config)# interface vlan2 awplus(config-if)# ip igmp immediate-leave group-list 34 awplus(config-if)# exit Configure IGMP Snooping Fast Leave: awplus(config)# int vlan2 awplus(config-if)# ip igmp snooping fast-leave awplus(config-if)# exit awplus(config)# sh run int vlan2 ! interface vlan2 ip igmp snooping fast-leave ! Configurable IGMP timers and counters This section looks at some of the timers and counters that control how often IGMP sends queries and how quickly entries time out. First, it gives background information in the following subsections: z "Timer and counter relationships" on page 69 z "Default values" on page 70 Then it looks at each of the configurable timers and counters, in the following subsections: z "Last Member Query Count and Last Member Query Interval" on page 71 z "Robustness Variable" on page 73 z "Default Query Interval" on page 75 z "Max Query Response Interval" on page 76 z "Group Membership Interval" on page 78 Page 68 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Configurable IGMP timers and counters RFC 2236 also describes other counters and timers that this section does not describe, because this section only describes the counters and timers that you can directly set. The switch derives other counters and timers from the above subset. Timer and counter relationships The above timers and counters are related to each other and to others in RFC 2236 by the following formulae: Last Member Query Count = Robustness Variable Group Membership Interval = (Robustness Variable * Default Query Interval) + one Query Response Interval in seconds Startup Query Count = Robustness Variable The Startup Query Count is the number of General Queries that the Querier sends when it starts up. Other Querier Timeout = (Robustness Variable * Default Query Interval) + (Query Response Interval in seconds/2) The Other Querier Timeout is the length of time that a potential Querier waits after receiving a Query before it assumes that it should become the Querier. These relationships mean you need to take care if you change timers or counters. "Example of bad choices for timer values" on page 78 describes the consequences of a bad combination of values. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 69 Configurable IGMP timers and counters Default values To display the values of the configurable IGMP settings for a VLAN, use the command: awplus# show ip igmp int vlan<vid> The following output shows the default values. Switch-1#show ip igmp int vlan100 Interface vlan100 (Index 400) IGMP Enabled, Active, Querier, Configured for version 2 Internet address is 192.168.100.254 IGMP interface has 2 group-record states IGMP activity: 1932 joins, 8 leaves IGMP robustness variable is 2 IGMP last member query count is 2 IGMP query interval is 125 seconds IGMP Startup query interval is 31 seconds IGMP Startup query count is 2 IGMP query holdtime is 500 milliseconds IGMP querier timeout is 255 seconds IGMP max query response time is 10 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 260 seconds IGMP Last member query count is 2 Strict IGMPv3 ToS checking is disabled on this interface Source Address checking is enabled IGMP Snooping is globally enabled IGMP Snooping query solicitation is globally enabled for Root/Master Nodes IGMP Snooping query solicitation is globally disabled for Non Root/ Master Nodes Num. query-solicit packets: 0 sent, 0 recvd IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled All changes are made on the VLAN interface in which the user wants to make the changes. Page 70 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Configurable IGMP timers and counters Switch-1(config)#int vlan100 Switch-1(config-if)#ip igmp ? access-group IGMP group access group immediate-leave Leave groups immediately without sending last member query, use for one host network only last-member-query-count Last Member Query Count last-member-query-interval Last Member Query Interval limit IGMP Limit mroute-proxy Mroute to IGMP proxy proxy-service Enable IGMP mroute proxy service querier-timeout IGMP previous querier timeout query-holdtime Query Hold Time query-interval Query Interval query-max-response-time IGMP Max Query Response Time ra-option IGMP Strict RA Option Validation robustness-variable Robustness Variable snooping Layer 2 Snooping source-address-check Enforce report source address checking startup-query-count Startup Query count startup-query-interval Startup Query Interval static-group Static Group to be Joined v3toscheck IGMPv3 strict IP ToS checking (0xC0) version IGMP Version Note that units for Last Member Query Interval (LMQI) and Query Response Interval are .001seconds (i.e., milliseconds). Therefore, the default LMQI of 1 second is shown as 1000ms The units for the Max Query Response Interval are seconds. The default Max Query Response Interval is 10 seconds. Last Member Query Count and Last Member Query Interval The Last Member Query Count (LMQC) is the number of Specific Queries the Querier sends after receiving a Leave message—1 to 5 messages. The Last Member Query Interval (LMQI) is the time between the Specific Queries—1000 to 25500 in units of 0.001 seconds. These counters determine how quickly a group times out when the last client leaves the group. You should read this section in conjunction with "How clients leave groups: queries and timers" on page 59, which has an outline of the leave process and a detailed discussion of the timers. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 71 Configurable IGMP timers and counters What these counters do On the Querier and all Snoopers, IGMP keeps group membership timeout values on each port. During general multicasting, these timeouts are (by default) 260 seconds. When a client leaves a group, these timeouts are reduced to make multicasting stop quickly after the last client leaves. The LMQC and LMQI determine the value of the timeout during this leave process (2 seconds with the default LMQC and LMQI). On the Querier: timeout during the leave process = LMQC * LMQI On Snoopers: timeout during the leave process = LMQI from Querier * LMQC from Snooper The command show ip igmp interface vlan displays the timers for a particular interface. Potential problems with changing these counters For most networks, the default LMQI and LMQC values work. You should only change them if you are aware of the likely effect on the network. In particular, note that: Changing the LMQC automatically changes the Robustness Variable. Therefore, we do not recommend setting the LMQC to 1, because it removes the system’s allowance for packet loss. See "Robustness Variable" on page 73 for more information about the consequences of changing the Robustness Variable. If you set the LMQI (or LMQC, or both) too low, clients will not be able to reply to Specific Queries quickly enough and the Querier and Snoopers may delete group entries for ports that still need to receive multicasts. If this happens, some or all clients briefly lose the multicast stream. The default values of LMQI (1000ms) and LMQC (2) mean that the Querier must receive client Membership Reports within 2 seconds of the first Query. This is already quite a short time and we do not recommend reducing it even more. For example, reducing the LMQI to 500ms would allow only one second for responses, which may be too little. How to change these counters The following example increases LMQI a lot, and then shows the resulting changed refresh time. Switch-1#conf t Switch-1(config)#int vlan100 Switch-1(config-if)#ip igmp last-member-query-interval ? <1000-25500> ms) Last Member Query Interval value (Default: 1000 Switch-1(config-if)#ip igmp last-member-query-interval 255 Page 72 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Configurable IGMP timers and counters Switch-1#show ip igmp int vlan100 Interface vlan100 (Index 400) IGMP Enabled, Active, Querier, Configured for version 2 Internet address is 192.168.100.254 IGMP interface has 2 group-record states IGMP activity: 1966 joins, 8 leaves IGMP robustness variable is 2 IGMP last member query count is 2 IGMP query interval is 125 seconds IGMP Startup query interval is 31 seconds IGMP Startup query count is 2 IGMP query holdtime is 500 milliseconds IGMP querier timeout is 255 seconds IGMP max query response time is 10 seconds Last member query response interval is 255 milliseconds Group Membership interval is 260 seconds IGMP Last member query count is 2 Strict IGMPv3 ToS checking is disabled on this interface Source Address checking is enabled IGMP Snooping is globally enabled IGMP Snooping query solicitation is globally enabled for Root/Master Nodes IGMP Snooping query solicitation is globally disabled for Non Root/Master Nodes Num. query-solicit packets: 0 sent, 0 recvd IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled The refresh time in seconds is (LMQI/1000) * LMQC = 255/1000 * 2 = 0.5 seconds Robustness Variable What this counter does The Robustness Variable (RV) allows you to tune for the expected packet loss on a subnet. If you expect a subnet to be lossy, you can increase the RV. IGMP is robust to packet loss of one packet less than the RV. The RV is an integer from 1 to 5 and should not be set to 1. If packet loss or lag time is an issue in your network, we recommend increasing the Robustness Variable on the Snoopers and the Querier. This increases the following: the number of Queries that the Querier sends out (by increasing the LMQC) the amount of time that the Querier and the Snoopers wait for clients to reply For more details, see "Consequences for high-loss and high-lag networks" on page 62. Potential problems with changing this counter The RV is the counter you are most likely to need to change. However, you need to appreciate the effect this has on your network, as described in RFC 2236. Changing the RV changes other values from the RFC, as follows: Last Member Query Count = Robustness Variable Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 73 Configurable IGMP timers and counters Group Membership Interval = (Robustness Variable * Default Query Interval) + one Query Response Interval in seconds Startup Query Count = Robustness Variable Other Querier Timeout = (Robustness Variable * Default Query Interval) + (Query Response Interval in seconds/2) The Group Membership Interval automatically changes to match the above formula. Group Membership Interval = (Robustness Variable * Default Query Interval) + one Query Response Interval in seconds How to change this counter Switch-1# conf t Enter configuration commands, one per line. End with CNTL/Z. Switch-1(config)# int vlan100 Switch-1(config-if)# ip igmp robustness-variable ? <1-7> Robustness Variable value (Default: 2) Switch-1(config-if)# ip igmp robustness-variable 5 Note that the Last Member Query Count, Startup Query Count, Group Membership Interval and Last Member Query Count have also changed. Switch-1#sh ip igmp int vlan100 Interface vlan100 (Index 400) IGMP Enabled, Active, Querier, Configured for version 2 Internet address is 192.168.100.254 IGMP interface has 3 group-record states IGMP activity: 18 joins, 0 leaves IGMP robustness variable is 5 IGMP last member query count is 5 IGMP query interval is 125 seconds IGMP Startup query interval is 31 seconds IGMP Startup query count is 5 IGMP query holdtime is 500 milliseconds IGMP querier timeout is 630 seconds IGMP max query response time is 10 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 635 seconds IGMP Last member query count is 5 Strict IGMPv3 ToS checking is disabled on this interface Source Address checking is enabled IGMP Snooping is globally enabled IGMP Snooping query solicitation is globally enabled for Root/Master Nodes IGMP Snooping query solicitation is globally disabled for Non Root/ Master Nodes Num. query-solicit packets: 0 sent, 0 recvd IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled Page 74 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Configurable IGMP timers and counters Default Query Interval What this timer does To maintain an accurate picture of group membership, the Querier periodically sends General Queries to all its IGMP interfaces. The Default Query Interval is the gap between General Queries. Note that General Queries are quite different from Specific Queries, which the Querier sends to a group address when it receives a Leave message for that group. The router only sends General or Specific Queries if it is the Querier. If another router is elected as the Querier, the non-elected router ignores the Default Query Interval and other such settings. Potential problems with changing this timer If you change the Default Query Interval, the Group Membership Interval also needs to change so that clients have an appropriate amount of time to reply to the Query. How to change this timer The Default Query Interval is an integer from 1 to 65535 seconds, specified using the query-interval parameter. The default is 125 seconds. The following example tweaks the interval. Note that the IGMP Querier timeout and Group Membership Interval also change. Switch-1#conf t Switch-1(config)#int vlan100 Switch-1(config-if)#ip igmp quer Switch-1(config-if)#ip igmp query-interval ? <2-18000> Query Interval value (Default: 125 s) Switch-1(config-if)#ip igmp query-interval 120 Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 75 Configurable IGMP timers and counters Switch-1#sh ip igmp int vlan100 Interface vlan100 (Index 400) IGMP Enabled, Active, Querier, Configured for version 2 Internet address is 192.168.100.254 IGMP interface has 3 group-record states IGMP activity: 16 joins, 0 leaves IGMP robustness variable is 2 IGMP last member query count is 2 IGMP query interval is 120 seconds IGMP Startup query interval is 31 seconds IGMP Startup query count is 2 IGMP query holdtime is 500 milliseconds IGMP querier timeout is 245 seconds IGMP max query response time is 10 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 250 seconds IGMP Last member query count is 2 Strict IGMPv3 ToS checking is disabled on this interface Source Address checking is enabled IGMP Snooping is globally enabled IGMP Snooping query solicitation is globally enabled for Root/Master Nodes IGMP Snooping query solicitation is globally disabled for Non Root/ Master Nodes Num. query-solicit packets: 0 sent, 0 recvd IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled Max Query Response Interval What this timer does The Max Query Response Interval determines the longest time clients can take to reply to a General Query. The Querier inserts the Max Query Response Interval into General Query messages. Clients randomly choose a time between 0 and the Max Query Response Interval at which to respond to a General Query. Increasing the Query Response Interval spreads IGMP messages over a longer time period, which reduces the burstiness of traffic on the network. It may be useful to decrease the Max Query Response Interval if you are running EPSR or RSTP. Decreasing the Max Query Response Interval reduces the recovery time after a topology change. For more information, see "Query solicitation (rapid recovery from topology changes)" on page 34. Potential problems with changing this timer If your network has many multicast clients and you make the Max Query Response Interval too short, you may congest the Snoopers and Querier with too many Report messages in a short time. If you change the Max Query Response Interval, the Group Membership Interval also needs to change, so that clients have an appropriate amount of time to reply to the Query. Page 76 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Configurable IGMP timers and counters How to change this timer The Max Query Response Interval is an integer from 1 to 3180 seconds, specified using the query-max-response-time parameter. The default is 10 seconds. Switch-1# conf t Switch-1(config)# int vlan100 Switch-1(config-if)# ip igmp query-max-response-time ? <1-3180> Query Reponse Time (Default: 10 s) Switch-1(config-if)#ip igmp query-max-response-time 100 Switch-1#sh ip igmp int vlan100 Interface vlan100 (Index 400) IGMP Enabled, Active, Querier, Configured for version 2 Internet address is 192.168.100.254 IGMP interface has 3 group-record states IGMP activity: 12 joins, 0 leaves IGMP robustness variable is 2 IGMP last member query count is 2 IGMP query interval is 125 seconds IGMP Startup query interval is 31 seconds IGMP Startup query count is 2 IGMP query holdtime is 500 milliseconds IGMP querier timeout is 300 seconds IGMP max query response time is 100 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 350 seconds IGMP Last member query count is 2 Strict IGMPv3 ToS checking is disabled on this interface Source Address checking is enabled IGMP Snooping is globally enabled IGMP Snooping query solicitation is globally enabled for Root/Master Nodes IGMP Snooping query solicitation is globally disabled for Non Root/ Master Nodes Num. query-solicit packets: 0 sent, 0 recvd IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled In this example, the Querier sends a General Query every 125 seconds. The General Query contains the Max Query Response Interval of 100, which tells clients that they have 100 seconds to reply to this General Query message. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 77 Example of bad choices for timer values Group Membership Interval What this timer does The Group Membership Interval specifies the length of time before the switch deletes a group from its multicast group database after the switch last receives a Membership Report for that group. All IGMP routers and switches in a network use this interval to maintain their group membership databases, not just the Querier. The Querier also uses this interval to close down multicasting if it receives no replies to all General Queries for a group. If the Querier sends a General Query and does not receive any Membership Reports in response, it continues to send any existing multicast streams. In the meanwhile, the Group Membership Interval counts down until it hits zero, at which point the Querier stops propagating the multicast streams through the LAN. Potential problems with changing this timer Making the Group Membership Interval too short has serious consequences. You remove the network's ability to cope with losing a General Query and you may not give enough time for client responses to reach the Querier. These problems would cause multicasting to stop for some or all clients. For more information, see "Example of bad choices for timer values" on page 78. Synchronisation of timers The Group Membership Interval is a function of several other timers, according to the following formula from RFC 2236: Group Membership Interval = (Robustness Variable * Default Query Interval) + one Query Response Interval in seconds The Group Membership Interval changes automatically if you change either the Robustness Variable or the Query Response Interval. Example of bad choices for timer values It is generally unwise to change any of the default IGMP settings unless you have advanced knowledge of how IGMP works. As "Timer and counter relationships" on page 69 describes, most of the timers and counters are related. This means setting timers can cause problems unless you understand the potential impact on the IGMP process. This example sets three timers to excessively short values and discusses the potential consequences. Page 78 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Example of bad choices for timer values Example Imagine the following changes to the configuration: TIMER PARAMETER NEW PARAMETER VALUE Last Member Query Interval 0.5 seconds Max Query Response Interval 1 Query Interval 126 The commands to configure these settings are: Switch-1(config-if)# ip igmp last-member-query-interval 500 Switch-1(config-if)# ip igmp query-max-response-time 1 Switch-1(config-if)# ip igmp query-interval 126 The resulting values are displayed in the following output. Switch-1#sh ip igmp int vlan100 Interface vlan100 (Index 400) IGMP Enabled, Active, Querier, Configured for version 2 Internet address is 192.168.100.254 IGMP interface has 2 group-record states IGMP activity: 193 joins, 1 leaves IGMP robustness variable is 2 IGMP last member query count is 2 IGMP query interval is 126 seconds IGMP Startup query interval is 31 seconds IGMP Startup query count is 2 IGMP query holdtime is 500 milliseconds IGMP querier timeout is 254 seconds IGMP max query response time is 5 seconds Last member query response interval is 5000 milliseconds Group Membership interval is 257 seconds IGMP Last member query count is 2 Strict IGMPv3 ToS checking is disabled on this interface Source Address checking is enabled IGMP Snooping is globally enabled IGMP Snooping query solicitation is globally enabled for Root/Master Nodes IGMP Snooping query solicitation is globally disabled for Non Root/ Master Nodes Num. query-solicit packets: 0 sent, 0 recvd IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 79 Stopping Snoopers from snooping non-IGMP messages Problem 1: Last Member Query Interval too short The Last Member Query Interval was set to 500ms, using the command: Switch-1(config-if)# ip igmp last-member-query-interval 500 This value is very low—half a second. A Last Member Query Count of 2 (the default), gives your clients 1 second to get their Report back to the Querier before the Snooper and Querier stop sending the data stream. Using too low a Last Member Query Interval may mean that some or all clients briefly lose the multicast stream. Problem 2: Query Response Interval short The Query Response Interval was also set to 5 tenths of a second, using the command: awplus(config-if)# ip igmp query-interval 5 This value is also half a second. This value means that clients randomly pick a time between 0 and 0.5 seconds to respond (send a Report) to a Query. Using a short time here congests the Snoopers and Querier with Reports in a short space of time. This is not necessarily a problem if you only have a few clients, but 0.5 seconds is definitely a short window of time. Stopping Snoopers from snooping non-IGMP messages Some networks include routers that have no interest in IGMP, but still generate multicast messages by running protocols like OSPF. When a Snooper receives multicast messages from such a router, the Snooper adds the router's port to its All Groups port list. This means the router is unnecessarily sent IGMP and multicast traffic. Using IGMP features to prevent the excess traffic is particularly helpful when you cannot or do not want to control the traffic at the router. This example describes how to use AlliedWare Plus’ advanced IGMP features to prevent this behaviour, by limiting the ports that the Snooper adds to the All Groups list, or by stopping particular types of traffic from adding ports to the All Groups list. Page 80 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Stopping Snoopers from snooping non-IGMP messages Example The example is based around a network that has a router running OSPF. The router is connected to a LAN through a switch. The LAN is a single subnet with no OSPF routers inside it. The network for this example uses the same loop as for "IGMP snooping" on page 8, with a router attached to Switch-2. The network is shown in the following figure. Multicast Server port1.0.1 00 x9 port1.0.11 Switch-1: Querier port1.0.12 OSPF OSPF Switch-2: Snooper Switch-3: Snooper port1.0.12 port1.0.11 port1.0.11 00 00 x6 x6 port1.0.12 port1.0.24 (blocked by STP) port1.0.3 port1.0.2 Clie nt 1 OSPF Clie nt 2 88 24 Router We used an AT-8824 switch running AlliedWare for the Router in this example. Each example in this section modifies the following base configuration. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 81 Stopping Snoopers from snooping non-IGMP messages Switch-1 Configuration—IGMP Querier ! hostname Switch-1 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 vlan 100 state enable ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport ! interface vlan100 ip address 192.168.100.254/24 ip igmp ip igmp version 2 Switch-2 Configuration—IGMP Snooper ! hostname Switch-2 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 vlan 100 state enable ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport Page 82 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Stopping Snoopers from snooping non-IGMP messages Switch-3 Configuration—IGMP Snooper ! hostname Switch-3 ! spanning-tree mode rstp ! vlan database vlan 100 name vlan100 vlan 100 state enable ! interface port1.0.1-1.0.10 switchport access vlan 100 spanning-tree edgeport ! interface port1.0.11-1.0.12 switchport switchport mode access switchport access vlan 100 ! interface port1.0.13-1.0.24 switchport access vlan 100 spanning-tree edgeport Router Configuration—OSPF set system name=Router # VLAN general configuration create vlan=vlan100 vid=100 add vlan=100 port=1-4 create vlan=vlan2 vid=2 add vlan=2 port10-12 # IP configuration enable ip set ip autonomous=65000 add ip int=vlan100 ip=192.168.100.100 mask=255.255.255.0 add ip int=vlan2 ip=10.0.0.1 # OSPF configuration set ospf routerid=192.168.100.100 add ospf area=0.0.0.1 add ospf range=192.168.100.0 area=0.0.0.1 mask=255.255.255.0 add ospf interface=vlan100 area=0.0.0.1 enable ospf With the configuration above, the router sends OSPF messages to Switch-2. As the following outputs show, this means that: Switch-2 designates port 1.0.11 and 1.0.24 as the Router ports. Switch-2 forwards the OSPF packets to port 1.0.11 on Switch-1, so Switch-1 designates port1.0.11 as the Router port. Switch-3 forwards the OSPF packets to uplink port 1.0.12 on Switch-1, so Switch-1 designates port1.0.12 as a Router port. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 83 Stopping Snoopers from snooping non-IGMP messages Switch-1# sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 00:07:07 Group mode: Include () Last reporter: 192.168.100.100 Port member list: port1.0.12 - 250 secs Switch-2 has two entries for the Router Port: port1.0.12, which is connected to Switch-1—the IGMP Querier—and port1.0.24, which has the OSPF router connected to it. Switch-2#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 00:16:09 Group mode: Include () Last reporter: 192.168.100.100 Port member list: port1.0.24 - 251 secs port1.0.12 - 215 secs On Switch-3, the Router port is learnt on interface port1.0.12 Switch-3#sh ip igmp snooping statistics interface vlan100 IGMP Snooping statistics for vlan100 Group Type: Router Port Learnt Interface: vlan100 Group: 224.0.0.2 Uptime: 00:08:32 Group mode: Include () Last reporter: 192.168.100.100 Port member list: port1.0.12 - 250 secs Page 84 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Stopping Snoopers from snooping non-IGMP messages Controlling which addresses create All Groups entries The router or switch adds a port to its All Groups list when it determines that the port has a router attached to it. This example shows how to influence the switch's process in determining who is a router, and therefore when to add a port to the All Groups list. You can control the criteria for deciding which packets actually indicate the presence of a router on a particular port, by using the command: awplus(config-if)# ip igmp snooping routermode {all|default|ip| multicastrouter|address <ip-address>} With this command, you specify (in effect) a list of IP addresses. When the switch receives a multicast packet on a port, it compares the packet's destination IP address with the list. If they match, the switch considers the packet to be from a "router", and adds the port to the All Groups list. The following table shows the address lists that each command option gives. THIS OPTION... MEANS THAT THE PORT IS TREATED AS A MULTICAST ROUTER PORT IF IT RECEIVES PACKETS FROM... all any reserved multicast addresses (224.0.0.1 to 224.0.0.255) default 224.0.0.1 (IGMP Queries) 224.0.0.2 (all routers on this subnet) 224.0.0.4 (DVMRP routers) 224.0.0.5 (all OSPFIGP routers) 224.0.0.6 (OSPFIGP designated routers) 224.0.0.9 (RIP2 routers) 224.0.0.13 (all PIM routers) 224.0.0.15 (all CBT routers) multicastrouter 224.0.0.4 (DVMRP routers) 224.0.0.13 (all PIM routers) ip the current list of addresses, plus addresses specified using the command ip igmp snooping routermode address, minus addresses specified using the command no ip igmp snooping routermode address. Switch-2# sh ip igmp snooping routermode Router mode.............IP Reserved multicast address Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 85 IGMP debugging IGMP debugging In this section, we shall examine the debugging messages that the switch outputs when certain events occur while debugging is enabled. To enable debugging, use the command: awplus# debug igmp {all|decode|encode|events|fsm|tib} Switch-1# debug igmp ? all Turn on all Debugging decode IGMP decode encode IGMP encode events IGMP events fsm IGMP FSM tib IGMP Tree-Info-Base (TIB) PARAMETER MEANING all Enable or disable all debug options for IGMP decode Debug of IGMP packets that have been received encode Debug of IGMP packets that have been sent events Debug IGMP events fsm Debug IGMP Finite State Machine (FSM) tib Debug IGMP Tree Information Base (TIB) A client joins a group Client 2 sends a Membership Report for group 224.12.13.14. Switch-1 sees the report on vlan100 (1.0.11), and adds the port to its IGMP and IGMP snooping tables. In this example we will show this using the following debugging options: debug igmp decode debug igmp events Switch-1#19:52:20 Switch-1 IMISH[26241]: debug igmp decode 19:52:25 Switch-1 NSM[1257]: [IGMP-DECODE] : IP packet 192.168.100.100->224.0.0.5 on vlan100(port1.0.11) triggers router port detection 19:52:25 Switch-1 NSM[1257]: [IGMP-DECODE] : UnReg Grp 224.12.13.14 on vlan100 19:52:34 Switch-1 NSM[1257]: [IGMP-DECODE] : IGMP V2 Membership Report, (Src=0.0.0.0) Max. Rsp. Code 0 on port1.0.11 19:52:34 Switch-1 NSM[1257]: [IGMP-DECODE] : Grp 224.12.13.14 on vlan100 Switch-1#term mon Switch-1#debug igmp events Page 86 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ IGMP debugging 19:59:05 Switch-1 IMISH[2155]: debug igmp events 19:59:15 Switch-1 NSM[1260]: [IGMP-EVENTS] : Deleting Unreg MC vlan100 19:59:15 Switch-1 NSM[1260]: [IGMP-EVENTS] : Grp Timer Refresh vlan100(port1.0.11) 19:59:16 Switch-1 NSM[1260]: [IGMP-EVENTS] : Expiry (Host-Side Timer) for 224.12.13.14 on vlan100 19:59:17 Switch-1 NSM[1260]: [IGMP-EVENTS] : Expiry (Host-Side Timer) for 224.12.13.14 on vlan100 19:59:21 Switch-1 NSM[1260]: [IGMP-EVENTS] : Exipry on vlan100 19:59:22 Switch-1 NSM[1260]: [IGMP-EVENTS] : Grp Timer Refresh vlan100(port1.0.11) Grp 224.12.13.14 on 224.12.13.14 on Generate Grp Report Generate Grp Report 224.12.13.14 on A client leaves a group Client 2 sends a Leave message for group 224.12.13.14. Switch-1 sees the Leave message on vlan100 (1.0.11). Switch-1#19:52:20 Switch-1 IMISH[26241]: debug igmp decode 20:04:25 Switch-1 NSM[1260]: [IGMP-DECODE] : IGMP V2 Membership Report, (Src=0.0.0.0) Max. Rsp. Code 0 on port1.0.11 20:04:25 Switch-1 NSM[1260]: [IGMP-DECODE] : Grp 224.12.13.14 on vlan100 20:04:25 Switch-1 NSM[1260]: [IGMP-DECODE] : IP packet 192.168.100.100->224.0.0.5 on vlan100(port1.0.11) triggers router port detection 20:04:33 Switch-1 NSM[1260]: [IGMP-DECODE] : IGMP V2 Leave Group, (Src=0.0.0.0) Max. Rsp. Code 0 on port1.0.11 20:04:33 Switch-1 NSM[1260]: [IGMP-DECODE] : Grp 224.12.13.14 on vlan100 20:04:35 Switch-1 NSM[1260]: [IGMP-DECODE] : UnReg Grp 224.12.13.14 on vlan100 We can see the Membership Report for group 224.12.13.14 on port1.0.11, without a source IP address. And then we can see the Leave received on port 1.0.11. Switch-1# term mon Switch-1# debug igmp events Switch-1#20:02:32 Switch-1 NSM[1260]: [IGMP-EVENTS] : Grp Timer Refresh 224.12.13.14 on vlan100(port1.0.11) 20:02:44 Switch-1 NSM[1260]: [IGMP-EVENTS] : Grp Timer Refresh 224.12.13.14 on vlan100(port1.0.11) 20:02:45 Switch-1 NSM[1260]: [IGMP-EVENTS] : Expiry (Group Query Re-Transmit Timer) for Grp 224.12.13.14 on vlan100 20:02:46 Switch-1 NSM[1260]: [IGMP-EVENTS] : Expiry (Group Liveness Timer) for Grp 224.12.13.14 on vlan100 20:02:46 Switch-1 NSM[1260]: [IGMP-EVENTS] : Expiry (L2 IF Grp Liveness Timer) for Grp 224.12.13.14 on vlan100(port1.0.11) 20:02:46 Switch-1 NSM[1260]: [IGMP-EVENTS] : Setting Grp 224.12.13.14 on vlan100(port1.0.11) to not dynamic/not static Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 87 Support for IGMPv3 Support for IGMPv3 AlliedWare Plus supports IGMP version 3. What version 3 adds to the IGMP protocol is support for source-filtering. This means it now supports the ability for users to report interest in receiving a particular multicast stream only from a specific source or multiple source addresses. The desired source addresses can be expressed as either: Please send me the group A.B.C.D from any of the following source addresses (Include mode), or Please send me the group A.B.C.D from any source address except the following (Exclude mode) This information can be used by multicast routing protocols to avoid delivering the multicast packets from specific sources to networks where there are no hosts interested in these multicast streams. This feature is also called Source Specific Multicast (SSM). AlliedWare Plus IGMPv3 is based on the IETF RFC 3376. IGMPv3 supports two types of protocol messages: Membership query messages Membership report messages An IGMPv3 Querier can query three types of information using a query message: A general query to determine the multicast reception state (membership information) associated with its neighboring hosts’ interfaces for all multicast groups enabled at the interface. A group-specific query to determine the multicast reception state for a specific multicast group associated with its neighboring host's interfaces. A group-and-source-specific query to determine the multicast reception state for a specific multicast group and a specified set of sources, associated with its neighboring host's interfaces. The first two types of query are equivalent to IGMPv2 queries. But the third type of query (The group-and-source-specific query) is a new type that is introduced by IGMPv3 In IGMPv3, when a client has sent a general query, it is sent with an IP destination address of 224.0.0.1— this is the all-systems multicast address. Group-Specific and Group-and-SourceSpecific Queries are sent with an IP destination address equal to the multicast address of interest. At this point we need to point out that there is no such thing as an IGMPv3 leave message. A host leaves by requesting to receive a group from no sources. A single IGMPv3 report can contain multiple Group Records. What this means is that the report can update a host's membership of multiple multicast groups. When the IGMPv3 reports are sent from the host, they are sent with a destination address of 224.0.0.22. This results in all IGMPv3 multicast-aware routers listening to the reports. A system that is operating in IGMPv1 or IGMPv2 compatibility modes sends version 1 or version 2 reports to the multicast group specified in the Group Address field of the Report. Page 88 | Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ Support for IGMPv3 An implementation of IGMPv3 must also support the following three message types, for interoperation with previous versions of IGMP: Version 1 Membership Report [RFC1112] Version 2 Membership Report [RFC2236] Version 2 Leave Group [RFC2236] Benefits The benefits of using IGMPv3 over IGMPv1 and IGMPv2 include: Optimized bandwidth utilization: a receiver may request to receive traffic only from explicitly known sources Improved security (no denial of service attacks from unknown sources) Enables service providers to receive content from multiple content providers without needing to be concerned if the content providers are using overlapping group addresses Report suppression The switch can suppress IGMP versions 1 and 2 reports when IGMPSNOOPING is configured. Report suppression stops reports being sent to an upstream multicast router port when there are already downstream ports for the requested group on the same downstream VLAN interface. This reduces the amount of IGMP traffic that is sent to the Querier Report suppression does not apply to IGMPv3. This functionality is enabled by default for IGMPv1 and IGMPv2 reports. The command below enables report suppression for IGMPv2 reports on vlan3, if it has been disabled. awplus# conf t awplus(config)# int vlan3 awplus(config-if)# ip igmp version 2 awplus(config-if)# ip igmp snooping report-suppression When Client A in vlan3 sends a report to join the group 225.1.2.3, the switch sends this report upstream to the Querier. If Client B in the same VLAN sends a report for the same multicast group 225.1.2.3, the switch does not need to forward this report on to the Querier—it had already done so when receiving the report from Client A. The switch does not drop the report. It processes the second report to update (refresh) the liveness timer of the group in its group database, and then not forward it. When the first client sends a leave message, the switch does not pass the leave message on up to the Querier because report suppression is on. As a result, the client will continue to receive traffic until the snooping entry on the port times out, or until the Querier sends a query for this group and the client does not confirm its membership for the group. Configure IGMP for Multicasting on Managed Layer 3 Switches on AlliedWare Plus™ | Page 89 When report suppression is enabled, the switch will put its own IP address as the source address of the reports and leave messages that it sends to the Querier. When the last client in a group leaves, this causes traffic to stop to all clients straight away (even to the clients that have already left but are still receiving traffic). This is simply because a Leave report from the last group member will not be suppressed (regardless of the suppression setting), but will be immediately forwarded to the Querier, so the leave sequence is started immediately. If report suppression is disabled on switches in the network, ensure that immediate leave is not configured on any switches upstream of those on which report suppression has been disabled. This is because when report suppression is enabled, the switch will only send a leave upstream if all of its downstream hosts have left the group, but when report suppression is disabled, all leave messages received from downstream hosts are simply passed on upstream. If a port upstream of a suppression-disabled switch is configured for immediate leave, it will stop forwarding the stream as soon as any downstream host leaves the group, irrespective of whether other downstream hosts are still members of the group. Source Address Check By default AlliedWare Plus only accepts IGMP packets whose source IP address is in the same subnet as the IP address on the receiving interface. We can override this behaviour using the command: Switch-2(config)# int vlan100 Switch-2(config-if)# no ip igmp source-address-check Tips for making an IGMP network more efficient Enable Fast Leave—this will cause IGMP snooping to immediately remove group membership of the port, rather than waiting till the Leave report has gone to the Querier and the Querier has sent a query in response asking for group membership. Switch off Report Suppression—this will cause all reports and Leaves from clients to be immediately forwarded to the Querier, causing the leave sequence to commence straight away. This is OK if only a small to medium number of clients are connected. Generally, it is not recommended if there are a very large number of clients, as the Querier will see a lot more reports than if the edge switches aggregate the reports from the clients. Move the Querier to the edge switch—this will have the desired effect because the clients can talk directly with the Querier, however it is not recommended if you have more than one edge switch. Reduce the Query Interval on the Querier—this will cause the Querier to send queries more often and therefore will shorten the time between the client leaving and the general query C613-16176-00 REV A North America Headquarters | 19800 North Creek Parkway | Suite 100 | Bothell | WA 98011 | USA | T: +1 800 424 4284 | F: +1 425 481 3895 Asia-Pacific Headquarters | 11 Tai Seng Link | Singapore | 534182 | T: +65 6383 3832 | F: +65 6383 3830 EMEA & CSA Operations | Incheonweg 7 | 1437 EK Rozenburg | The Netherlands | T: +31 20 7950020 | F: +31 20 7950021 alliedtelesis.com © 2013 Allied Telesis Inc. All rights reserved. Information in this document is subject to change without notice. All company names, logos, and product designs that are trademarks or registered trademarks are the property of their respective owners.
© Copyright 2024